diff --git a/.github/.env.base b/.github/.env.base index c863cb9..3c605ff 100644 --- a/.github/.env.base +++ b/.github/.env.base @@ -39,7 +39,7 @@ GO_SECONDARY_VERSION=1.24.x # Govulncheck-specific Go version for vulnerability scanning # Uses newer Go version for accurate standard library vulnerability detection # Override this in .env.custom if needed for compatibility -GOVULNCHECK_GO_VERSION=1.25.x +GOVULNCHECK_GO_VERSION=1.25.5 # ================================================================================================ # 📦 GO MODULE CONFIGURATION @@ -108,6 +108,9 @@ ENABLE_SECURITY_SCAN_NANCY=true # Dependency vulnerability checks # Documentation & Publishing ENABLE_GODOCS_PUBLISHING=true # Publish to pkg.go.dev on tag/releases +# Workflow Reporting +ENABLE_COMPLETION_REPORT=true # Generate workflow completion report (adds 2-4 min) + # ================================================================================================ # 📦 ARTIFACT DOWNLOAD CONFIGURATION # ================================================================================================ @@ -241,15 +244,15 @@ REDIS_CACHE_FORCE_PULL=false # Force pull Redis images even when cache # 🪄 MAGE-X CONFIGURATION # ================================================================================================ -MAGE_X_VERSION=v1.8.7 # https://github.com/mrz1836/mage-x/releases +MAGE_X_VERSION=v1.8.9 # https://github.com/mrz1836/mage-x/releases MAGE_X_USE_LOCAL=false # Use local version for development MAGE_X_AUTO_DISCOVER_BUILD_TAGS=true # Enable auto-discovery of build tags MAGE_X_AUTO_DISCOVER_BUILD_TAGS_EXCLUDE=race,custom # Comma-separated list of tags to exclude MAGE_X_FORMAT_EXCLUDE_PATHS=vendor,node_modules,.git,.idea # Format exclusion paths (comma-separated directories to exclude from formatting) -MAGE_X_GITLEAKS_VERSION=8.29.1 # https://github.com/gitleaks/gitleaks/releases +MAGE_X_GITLEAKS_VERSION=8.30.0 # https://github.com/gitleaks/gitleaks/releases MAGE_X_GOFUMPT_VERSION=v0.9.2 # https://github.com/mvdan/gofumpt/releases MAGE_X_GOLANGCI_LINT_VERSION=v2.6.2 # https://github.com/golangci/golangci-lint/releases -MAGE_X_GORELEASER_VERSION=v2.12.7 # https://github.com/goreleaser/goreleaser/releases +MAGE_X_GORELEASER_VERSION=v2.13.0 # https://github.com/goreleaser/goreleaser/releases MAGE_X_GOVULNCHECK_VERSION=v1.1.4 # https://go.googlesource.com/vuln/+refs MAGE_X_GO_SECONDARY_VERSION=1.24.x # Secondary Go version for MAGE-X (also our secondary) MAGE_X_GO_VERSION=1.24.x # Primary Go version for MAGE-X (also our primary) @@ -281,7 +284,7 @@ MAGE_X_YAMLFMT_VERSION=v0.20.0 # https://github.c # MAGE_X_DOWNLOAD_TIMEOUT=5000 # MAGE_X_DOWNLOAD_USER_AGENT=MAGE-X-Agent # MAGE_X_PARALLEL=3 -# MAGE_X_TEST_EXCLUDE_MODULES=magefiles # Comma-separated module names to exclude from tests/coverage (default: magefiles) +# MAGE_X_TEST_EXCLUDE_MODULES=module1,module2 # MAGE_X_TEST_RACE=false # MAGE_X_VERBOSE=true @@ -304,7 +307,7 @@ NANCY_EXCLUDES=CVE-2024-38513,CVE-2023-45142 # Github Secret(s): OSSI_USERNAME and OSSI_TOKEN # Security Tools -GITLEAKS_VERSION=8.29.1 # https://github.com/gitleaks/gitleaks/releases +GITLEAKS_VERSION=8.30.0 # https://github.com/gitleaks/gitleaks/releases GOVULNCHECK_VERSION=v1.1.4 # https://pkg.go.dev/golang.org/x/vuln NANCY_VERSION=v1.0.52 # https://github.com/sonatype-nexus-community/nancy/releases @@ -336,7 +339,7 @@ GO_PRE_COMMIT_ALL_FILES=true GO_PRE_COMMIT_GOLANGCI_LINT_VERSION=v2.6.2 # https://github.com/golangci/golangci-lint/releases GO_PRE_COMMIT_FUMPT_VERSION=v0.9.2 # https://github.com/mvdan/gofumpt/releases GO_PRE_COMMIT_GOIMPORTS_VERSION=latest # https://github.com/golang/tools -GO_PRE_COMMIT_GITLEAKS_VERSION=v8.29.1 # https://github.com/gitleaks/gitleaks/releases +GO_PRE_COMMIT_GITLEAKS_VERSION=v8.30.0 # https://github.com/gitleaks/gitleaks/releases # Build tags for golangci-lint and other tools GO_PRE_COMMIT_BUILD_TAGS= diff --git a/.github/workflows/auto-merge-on-approval.yml b/.github/workflows/auto-merge-on-approval.yml index 4f9d086..1fd4863 100644 --- a/.github/workflows/auto-merge-on-approval.yml +++ b/.github/workflows/auto-merge-on-approval.yml @@ -65,7 +65,7 @@ jobs: # Check out code to access env file # -------------------------------------------------------------------- - name: 📥 Checkout code (sparse) - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: sparse-checkout: | .github/.env.base diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 0b1e1f7..6f150ec 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -43,7 +43,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/dependabot-auto-merge.yml b/.github/workflows/dependabot-auto-merge.yml index da04f63..8602184 100644 --- a/.github/workflows/dependabot-auto-merge.yml +++ b/.github/workflows/dependabot-auto-merge.yml @@ -62,7 +62,7 @@ jobs: # Check out code to access env file # -------------------------------------------------------------------- - name: 📥 Checkout code (sparse) - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: sparse-checkout: | .github/.env.base diff --git a/.github/workflows/fortress-benchmarks.yml b/.github/workflows/fortress-benchmarks.yml index 716aced..4c0a101 100644 --- a/.github/workflows/fortress-benchmarks.yml +++ b/.github/workflows/fortress-benchmarks.yml @@ -128,7 +128,7 @@ jobs: # Checkout code and set up Go environment # -------------------------------------------------------------------- - name: 📥 Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 # -------------------------------------------------------------------- # Setup Go with caching and version management diff --git a/.github/workflows/fortress-code-quality.yml b/.github/workflows/fortress-code-quality.yml index 52f456f..a7c5d03 100644 --- a/.github/workflows/fortress-code-quality.yml +++ b/.github/workflows/fortress-code-quality.yml @@ -70,7 +70,7 @@ jobs: # Checkout code (required for local actions) # -------------------------------------------------------------------- - name: 📥 Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 # -------------------------------------------------------------------- # Parse environment variables @@ -217,7 +217,7 @@ jobs: # Checkout code (required for local actions) # -------------------------------------------------------------------- - name: 📥 Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 # -------------------------------------------------------------------- # Parse environment variables @@ -437,7 +437,7 @@ jobs: # Checkout code (required for local actions) # -------------------------------------------------------------------- - name: 📥 Checkout repository - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 # -------------------------------------------------------------------- # Parse environment variables diff --git a/.github/workflows/fortress-completion-finalize.yml b/.github/workflows/fortress-completion-finalize.yml index f1c2c69..f562b4c 100644 --- a/.github/workflows/fortress-completion-finalize.yml +++ b/.github/workflows/fortress-completion-finalize.yml @@ -60,7 +60,7 @@ jobs: # Checkout repository for local actions # -------------------------------------------------------------------- - name: 📥 Checkout Repository - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 # -------------------------------------------------------------------- # Parse inputs and setup diff --git a/.github/workflows/fortress-completion-report.yml b/.github/workflows/fortress-completion-report.yml index 61e2b60..35932e3 100644 --- a/.github/workflows/fortress-completion-report.yml +++ b/.github/workflows/fortress-completion-report.yml @@ -116,7 +116,7 @@ jobs: # Checkout repository for local actions # -------------------------------------------------------------------- - name: 📥 Checkout Repository - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 # -------------------------------------------------------------------- # Parse environment variables diff --git a/.github/workflows/fortress-completion-statistics.yml b/.github/workflows/fortress-completion-statistics.yml index 23d9885..64f7608 100644 --- a/.github/workflows/fortress-completion-statistics.yml +++ b/.github/workflows/fortress-completion-statistics.yml @@ -64,7 +64,7 @@ jobs: # Checkout repository for local actions # -------------------------------------------------------------------- - name: 📥 Checkout Repository - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 # -------------------------------------------------------------------- # Parse environment variables diff --git a/.github/workflows/fortress-completion-tests.yml b/.github/workflows/fortress-completion-tests.yml index 84ffc78..9d16d07 100644 --- a/.github/workflows/fortress-completion-tests.yml +++ b/.github/workflows/fortress-completion-tests.yml @@ -60,7 +60,7 @@ jobs: # Checkout repository for local actions # -------------------------------------------------------------------- - name: 📥 Checkout Repository - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 # -------------------------------------------------------------------- # Parse environment variables diff --git a/.github/workflows/fortress-coverage.yml b/.github/workflows/fortress-coverage.yml index 458a3f1..561ed93 100644 --- a/.github/workflows/fortress-coverage.yml +++ b/.github/workflows/fortress-coverage.yml @@ -158,7 +158,7 @@ jobs: echo "✅ Branch helper functions created" - name: 📥 Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 # Fetch all history including tags for version display @@ -2356,7 +2356,7 @@ jobs: done - name: 📥 Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 2 # Need history for codecov to detect changes diff --git a/.github/workflows/fortress-pre-commit.yml b/.github/workflows/fortress-pre-commit.yml index 1cefd79..f73aabf 100644 --- a/.github/workflows/fortress-pre-commit.yml +++ b/.github/workflows/fortress-pre-commit.yml @@ -61,7 +61,7 @@ jobs: # Checkout code (full checkout to ensure local actions are available) # -------------------------------------------------------------------- - name: 📥 Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 # Fetch full history to enable file change detection for all commit ranges diff --git a/.github/workflows/fortress-release.yml b/.github/workflows/fortress-release.yml index bcf1d53..aeb681a 100644 --- a/.github/workflows/fortress-release.yml +++ b/.github/workflows/fortress-release.yml @@ -62,7 +62,7 @@ jobs: # Checkout code and set up Go environment # -------------------------------------------------------------------- - name: 📥 Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 # Required for changelog generation token: ${{ secrets.github-token }} diff --git a/.github/workflows/fortress-security-scans.yml b/.github/workflows/fortress-security-scans.yml index 7a9b092..bd2fe87 100644 --- a/.github/workflows/fortress-security-scans.yml +++ b/.github/workflows/fortress-security-scans.yml @@ -75,7 +75,7 @@ jobs: # Checkout code (required for local actions) # -------------------------------------------------------------------- - name: 📥 Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 # -------------------------------------------------------------------- # Parse environment variables @@ -197,7 +197,7 @@ jobs: # Checkout code (required for local actions) # -------------------------------------------------------------------- - name: 📥 Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 # -------------------------------------------------------------------- # Parse environment variables @@ -355,7 +355,7 @@ jobs: # Checkout code (required for local actions) # -------------------------------------------------------------------- - name: 📥 Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 # Fetch all history so Gitleaks can scan commits diff --git a/.github/workflows/fortress-setup-config.yml b/.github/workflows/fortress-setup-config.yml index dc61220..99d9675 100644 --- a/.github/workflows/fortress-setup-config.yml +++ b/.github/workflows/fortress-setup-config.yml @@ -176,6 +176,9 @@ on: fork-security-mode: description: "Security mode for fork PRs (safe/unsafe)" value: ${{ jobs.setup-config.outputs.fork-security-mode }} + completion-report-enabled: + description: "Whether workflow completion report is enabled" + value: ${{ jobs.setup-config.outputs.completion-report-enabled }} # Security: Restrictive default permissions with job-level overrides for least privilege access permissions: contents: read @@ -229,6 +232,7 @@ jobs: redis-service-mode: ${{ steps.redis-config.outputs.redis-service-mode }} is-fork-pr: ${{ steps.fork-detection.outputs.is-fork-pr }} fork-security-mode: ${{ steps.fork-detection.outputs.fork-security-mode }} + completion-report-enabled: ${{ steps.config.outputs.completion-report-enabled }} steps: # -------------------------------------------------------------------- # Start timer to record workflow start time @@ -301,7 +305,7 @@ jobs: # Checkout code (sparse checkout) # -------------------------------------------------------------------- - name: 📥 Checkout (sparse) - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: sparse-checkout: | .mage.yaml @@ -530,6 +534,7 @@ jobs: echo "fuzz-testing-enabled=${{ env.ENABLE_FUZZ_TESTING }}" >> $GITHUB_OUTPUT echo "go-tests-enabled=${{ env.ENABLE_GO_TESTS }}" >> $GITHUB_OUTPUT echo "pre-commit-enabled=${{ env.ENABLE_GO_PRE_COMMIT }}" >> $GITHUB_OUTPUT + echo "completion-report-enabled=${{ env.ENABLE_COMPLETION_REPORT }}" >> $GITHUB_OUTPUT # Detect if this is a release run if [[ "${{ github.ref }}" == refs/tags/v* ]]; then diff --git a/.github/workflows/fortress-test-fuzz.yml b/.github/workflows/fortress-test-fuzz.yml index 9de55b5..fdf8f5c 100644 --- a/.github/workflows/fortress-test-fuzz.yml +++ b/.github/workflows/fortress-test-fuzz.yml @@ -66,7 +66,7 @@ jobs: # Checkout code (required for local actions) # -------------------------------------------------------------------- - name: 📥 Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 # -------------------------------------------------------------------- # Parse environment variables diff --git a/.github/workflows/fortress-test-magex.yml b/.github/workflows/fortress-test-magex.yml index 469e643..1fb0293 100644 --- a/.github/workflows/fortress-test-magex.yml +++ b/.github/workflows/fortress-test-magex.yml @@ -52,14 +52,14 @@ jobs: # Full checkout when using local build (needs cmd/magex directory) - name: 📥 Checkout (full - local build) if: env.MAGE_X_USE_LOCAL == 'true' - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 # Sparse checkout when using remote build (optimization) - name: 📥 Checkout (sparse - remote build) if: env.MAGE_X_USE_LOCAL == 'false' - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 # Required for sparse checkout sparse-checkout: | diff --git a/.github/workflows/fortress-test-matrix.yml b/.github/workflows/fortress-test-matrix.yml index d000cbb..0b6a47a 100644 --- a/.github/workflows/fortress-test-matrix.yml +++ b/.github/workflows/fortress-test-matrix.yml @@ -125,7 +125,7 @@ jobs: # Checkout code (required for local actions) # -------------------------------------------------------------------- - name: 📥 Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 # -------------------------------------------------------------------- # Parse environment variables diff --git a/.github/workflows/fortress-test-validation.yml b/.github/workflows/fortress-test-validation.yml index d64209d..89a40dd 100644 --- a/.github/workflows/fortress-test-validation.yml +++ b/.github/workflows/fortress-test-validation.yml @@ -55,7 +55,7 @@ jobs: # Checkout code (required for local actions) # -------------------------------------------------------------------- - name: 📥 Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 # -------------------------------------------------------------------- # Parse environment variables diff --git a/.github/workflows/fortress-warm-cache.yml b/.github/workflows/fortress-warm-cache.yml index 10012d5..f1c7a62 100644 --- a/.github/workflows/fortress-warm-cache.yml +++ b/.github/workflows/fortress-warm-cache.yml @@ -106,13 +106,13 @@ jobs: # -------------------------------------------------------------------- - name: 📥 Checkout code (full - multi-module) if: steps.extract.outputs.enable_multi_module == 'true' - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - name: 📥 Checkout code (sparse - single module) if: steps.extract.outputs.enable_multi_module != 'true' - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false sparse-checkout: | diff --git a/.github/workflows/fortress.yml b/.github/workflows/fortress.yml index a32e962..676be9b 100644 --- a/.github/workflows/fortress.yml +++ b/.github/workflows/fortress.yml @@ -92,7 +92,7 @@ jobs: # Check out code to access env file # -------------------------------------------------------------------- - name: 📥 Checkout code (sparse) - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: sparse-checkout: | .github/.env.base @@ -439,7 +439,11 @@ jobs: # ---------------------------------------------------------------------------------- completion-report: name: 📊 Workflow Completion Report - if: always() && !contains(fromJSON('["failure", "cancelled"]'), needs.setup.result) && !contains(fromJSON('["failure", "cancelled"]'), needs.test-magex.result) + if: | + always() && + needs.setup.outputs.completion-report-enabled == 'true' && + !contains(fromJSON('["failure", "cancelled"]'), needs.setup.result) && + !contains(fromJSON('["failure", "cancelled"]'), needs.test-magex.result) needs: [load-env, setup, test-magex, pre-commit, security, code-quality, test-suite, benchmarks, release, status-check] permissions: contents: read # Read repository content for completion report diff --git a/.github/workflows/pull-request-management-fork.yml b/.github/workflows/pull-request-management-fork.yml index 3209a6b..df65ffc 100644 --- a/.github/workflows/pull-request-management-fork.yml +++ b/.github/workflows/pull-request-management-fork.yml @@ -141,7 +141,7 @@ jobs: # codeql:ignore GH001 # checkov:skip=CKV_GHA_3:Base branch checkout is intentional and safe - name: 📥 Checkout base repo (sparse) - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: # ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ # 🔒 CRITICAL SECURITY CONTROL: Base Branch Checkout Only diff --git a/.github/workflows/pull-request-management.yml b/.github/workflows/pull-request-management.yml index 1bcb806..187f60f 100644 --- a/.github/workflows/pull-request-management.yml +++ b/.github/workflows/pull-request-management.yml @@ -68,7 +68,7 @@ jobs: # Check out code to access env file # -------------------------------------------------------------------- - name: 📥 Checkout code (sparse) - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: sparse-checkout: | .github/.env.base diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index fd13321..f3b8d63 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -39,7 +39,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false diff --git a/.github/workflows/stale-check.yml b/.github/workflows/stale-check.yml index 5c9fb37..c536e0a 100644 --- a/.github/workflows/stale-check.yml +++ b/.github/workflows/stale-check.yml @@ -52,7 +52,7 @@ jobs: # Check out code to access env file # -------------------------------------------------------------------- - name: 📥 Checkout code (sparse) - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: sparse-checkout: | .github/.env.base diff --git a/.github/workflows/sync-labels.yml b/.github/workflows/sync-labels.yml index 1de86e9..85377af 100644 --- a/.github/workflows/sync-labels.yml +++ b/.github/workflows/sync-labels.yml @@ -65,7 +65,7 @@ jobs: # Check out code to access env file # -------------------------------------------------------------------- - name: 📥 Checkout code (sparse) - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: sparse-checkout: | .github/.env.base @@ -135,7 +135,7 @@ jobs: # Checkout repository # -------------------------------------------------------------------- - name: 📥 Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 2 # Fetch enough history to check parent commits