diff --git a/.github/workflows/qa-deprecated-c-cpp.yml b/.github/workflows/qa-deprecated-c-cpp.yml index 1774ec9..0c1ef00 100644 --- a/.github/workflows/qa-deprecated-c-cpp.yml +++ b/.github/workflows/qa-deprecated-c-cpp.yml @@ -34,7 +34,7 @@ jobs: exit 1 fi - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis diff --git a/.github/workflows/qa-install-build-wrapper.yml b/.github/workflows/qa-install-build-wrapper.yml index c355fa0..93797cc 100644 --- a/.github/workflows/qa-install-build-wrapper.yml +++ b/.github/workflows/qa-install-build-wrapper.yml @@ -34,7 +34,7 @@ jobs: exit 1 fi - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis diff --git a/.github/workflows/qa-main.yml b/.github/workflows/qa-main.yml index 144665c..03b66d6 100644 --- a/.github/workflows/qa-main.yml +++ b/.github/workflows/qa-main.yml @@ -17,7 +17,7 @@ jobs: os: [github-ubuntu-latest-s, macos-latest] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action without args @@ -37,7 +37,7 @@ jobs: os: [github-ubuntu-latest-s, github-windows-latest-s, macos-latest] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action with args @@ -66,7 +66,7 @@ jobs: ] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action with args @@ -93,7 +93,7 @@ jobs: os: [github-ubuntu-latest-s, github-windows-latest-s, macos-latest] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action with args @@ -121,7 +121,7 @@ jobs: os: [github-ubuntu-latest-s, github-windows-latest-s, macos-latest] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action with args @@ -148,7 +148,7 @@ jobs: os: [github-ubuntu-latest-s, github-windows-latest-s, macos-latest] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action with args @@ -178,7 +178,7 @@ jobs: os: [github-ubuntu-latest-s, github-windows-latest-s, macos-latest] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ secrets.GITHUB_TOKEN }} - run: mkdir -p ./baseDir @@ -198,7 +198,7 @@ jobs: 'scannerVersion' input runs-on: github-ubuntu-latest-s # assumes default RUNNER_ARCH for linux is X64 steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action with scannerVersion @@ -222,7 +222,7 @@ jobs: 'scannerBinariesUrl' input with invalid URL runs-on: github-ubuntu-latest-s # assumes default RUNNER_ARCH for linux is X64 steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action with scannerBinariesUrl @@ -250,7 +250,7 @@ jobs: 'scannerBinariesUrl' does not allow command injection via semicolons runs-on: github-ubuntu-latest-s steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action with scannerBinariesUrl @@ -271,7 +271,7 @@ jobs: 'scannerBinariesUrl' does not allow command injection via spaces and quotes runs-on: github-ubuntu-latest-s steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action with scannerBinariesUrl @@ -292,7 +292,7 @@ jobs: Don't fail on Gradle project runs-on: github-ubuntu-latest-s steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action on Gradle project @@ -313,7 +313,7 @@ jobs: Don't fail on Kotlin Gradle project runs-on: github-ubuntu-latest-s steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action on Kotlin Gradle project @@ -334,7 +334,7 @@ jobs: Don't fail on Maven project runs-on: github-ubuntu-latest-s steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action on Maven project @@ -367,7 +367,7 @@ jobs: --health-timeout 5s --health-retries 10 steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action on sample project @@ -390,7 +390,7 @@ jobs: os: [github-ubuntu-latest-s, github-windows-latest-s, macos-latest] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action with debug mode @@ -421,7 +421,7 @@ jobs: --health-timeout 5s --health-retries 10 steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ secrets.GITHUB_TOKEN }} - name: SonarQube Cache @@ -450,7 +450,7 @@ jobs: os: [github-ubuntu-latest-s, github-windows-latest-s, macos-latest] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action with deprecated SONARCLOUD_URL @@ -469,7 +469,7 @@ jobs: scannerBinariesUrl redirect (3xx) is followed runs-on: github-ubuntu-latest-s steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Generate SSL certificates for nginx @@ -505,7 +505,7 @@ jobs: os: [github-ubuntu-latest-s, github-windows-latest-s, macos-latest] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action with SSL certificate @@ -556,7 +556,7 @@ jobs: Analysis takes into account 'SONAR_ROOT_CERT' runs-on: github-ubuntu-latest-s steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Generate server certificate @@ -664,7 +664,7 @@ jobs: truststore.p12 is updated when present runs-on: github-ubuntu-latest-s steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Create SONAR_SSL_FOLDER with a file in it (not-truststore.p12) @@ -793,7 +793,7 @@ jobs: 'scannerVersion' input validation runs-on: github-ubuntu-latest-s steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action with invalid scannerVersion diff --git a/.github/workflows/qa-scripts.yml b/.github/workflows/qa-scripts.yml index b27fdcb..a1ca31c 100644 --- a/.github/workflows/qa-scripts.yml +++ b/.github/workflows/qa-scripts.yml @@ -12,7 +12,7 @@ jobs: name: create_install_path.sh runs-on: github-ubuntu-latest-s steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis @@ -123,7 +123,7 @@ jobs: SONAR_SCANNER_URL_MACOSX_AARCH64: 'https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-vX.Y.Z.MMMM-macosx-aarch64.zip' SONAR_SCANNER_SHA_MACOSX_AARCH64: 'DOWNLOAD-SHA-MACOSX-AARCH64' steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis @@ -252,7 +252,7 @@ jobs: name: download.sh runs-on: github-ubuntu-latest-s steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis @@ -321,7 +321,7 @@ jobs: name: fetch_latest_version.sh runs-on: github-ubuntu-latest-s steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - name: Test script diff --git a/.github/workflows/unit-tests.yml b/.github/workflows/unit-tests.yml index d8f28e2..1523a94 100644 --- a/.github/workflows/unit-tests.yml +++ b/.github/workflows/unit-tests.yml @@ -13,7 +13,7 @@ jobs: contents: read steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Setup Node.js uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e #v6.4.0 diff --git a/.github/workflows/update-tags.yml b/.github/workflows/update-tags.yml index 84717f2..8ed6fad 100644 --- a/.github/workflows/update-tags.yml +++ b/.github/workflows/update-tags.yml @@ -13,7 +13,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Parse semver uses: madhead/semver-utils@4cf918affe9106ea59f86c6250e5ec4570ac4389 # v5.0.0 diff --git a/.github/workflows/version_update.yml b/.github/workflows/version_update.yml index 6bddf98..90bf62b 100644 --- a/.github/workflows/version_update.yml +++ b/.github/workflows/version_update.yml @@ -13,7 +13,7 @@ jobs: new-version: ${{ steps.latest-version.outputs.sonar-scanner-version }} steps: - run: sudo apt install -y jq - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: ref: master fetch-depth: 0 @@ -49,7 +49,7 @@ jobs: pull-requests: write if: needs.check-version.outputs.should_update == 'true' steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: ref: master persist-credentials: true