diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index e1822e0945..0851ff5007 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -28,7 +28,7 @@ jobs: env: PR_COMMITS: ${{ github.event.pull_request.commits }} run: echo "base-depth=$(expr ${PR_COMMITS} + 1)" >> $GITHUB_OUTPUT - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: ref: ${{ github.event.pull_request.head.sha }} fetch-depth: ${{ steps.base-depth.outputs.base-depth }} @@ -59,7 +59,7 @@ jobs: needs: [changes] if: ${{ needs.changes.outputs.non-docs == 'true' }} steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 @@ -76,7 +76,7 @@ jobs: checks: write # Used by golangci-lint to annotate code in the PR needs: [changes] steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 persist-credentials: false @@ -112,7 +112,7 @@ jobs: name: test runs-on: ubuntu-latest steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 09146e6dac..9657996282 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -40,7 +40,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/dependabot-regen.yml b/.github/workflows/dependabot-regen.yml index e25993617c..c8137dab23 100644 --- a/.github/workflows/dependabot-regen.yml +++ b/.github/workflows/dependabot-regen.yml @@ -19,7 +19,7 @@ jobs: egress-policy: audit - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/go-coverage.yml b/.github/workflows/go-coverage.yml index 6cae24a7ec..0e1a8b249d 100644 --- a/.github/workflows/go-coverage.yml +++ b/.github/workflows/go-coverage.yml @@ -35,7 +35,7 @@ jobs: egress-policy: audit - name: Checkout - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: path: ${{ github.workspace }}/src/github.com/tektoncd/chains persist-credentials: false diff --git a/.github/workflows/goclean.yml b/.github/workflows/goclean.yml index be2c2054d1..2890369abc 100644 --- a/.github/workflows/goclean.yml +++ b/.github/workflows/goclean.yml @@ -27,7 +27,7 @@ jobs: goclean: runs-on: ubuntu-latest steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/nightly-build.yml b/.github/workflows/nightly-build.yml index 64b0ec0de5..a1ae1c122a 100644 --- a/.github/workflows/nightly-build.yml +++ b/.github/workflows/nightly-build.yml @@ -46,7 +46,7 @@ jobs: # egress-policy: audit - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 persist-credentials: false diff --git a/.github/workflows/patch-release.yaml b/.github/workflows/patch-release.yaml index bd979f64e6..2c772e48a7 100644 --- a/.github/workflows/patch-release.yaml +++ b/.github/workflows/patch-release.yaml @@ -37,7 +37,7 @@ jobs: matrix: ${{ steps.scan.outputs.matrix }} has_releases: ${{ steps.scan.outputs.has_releases }} steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 persist-credentials: false diff --git a/.github/workflows/reusable-e2e.yaml b/.github/workflows/reusable-e2e.yaml index 175f815a4e..41154386c0 100644 --- a/.github/workflows/reusable-e2e.yaml +++ b/.github/workflows/reusable-e2e.yaml @@ -35,7 +35,7 @@ jobs: steps: - name: Check out our repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/test-on-microshift.yaml b/.github/workflows/test-on-microshift.yaml index ecc0a01ea9..3e6b21e899 100644 --- a/.github/workflows/test-on-microshift.yaml +++ b/.github/workflows/test-on-microshift.yaml @@ -27,7 +27,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: path: ${{ github.workspace }}/src/github.com/tektoncd/chains persist-credentials: false diff --git a/.github/workflows/zizmor.yaml b/.github/workflows/zizmor.yaml index eba9798aae..14c488e0d9 100644 --- a/.github/workflows/zizmor.yaml +++ b/.github/workflows/zizmor.yaml @@ -15,7 +15,7 @@ jobs: security-events: write steps: - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false