diff --git a/.github/workflows/Lockfile.yml b/.github/workflows/Lockfile.yml index a66d64b05..357b13da2 100644 --- a/.github/workflows/Lockfile.yml +++ b/.github/workflows/Lockfile.yml @@ -28,7 +28,7 @@ jobs: sh.jbang.dev:443 - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Verify action checksums uses: chains-project/maven-lockfile/.github/actions/ghasum@219e4f3829570e41a62b17a1410ec615ca585af1 # 5.10.0 diff --git a/.github/workflows/LockfilePR.yml b/.github/workflows/LockfilePR.yml index cc162cc8c..179f42060 100644 --- a/.github/workflows/LockfilePR.yml +++ b/.github/workflows/LockfilePR.yml @@ -26,7 +26,7 @@ jobs: sh.jbang.dev:443 - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Verify action checksums uses: chains-project/maven-lockfile/.github/actions/ghasum@219e4f3829570e41a62b17a1410ec615ca585af1 # 5.10.0 diff --git a/.github/workflows/code-qualitiy.yml b/.github/workflows/code-qualitiy.yml index c81e81d05..12ef6ea05 100644 --- a/.github/workflows/code-qualitiy.yml +++ b/.github/workflows/code-qualitiy.yml @@ -31,7 +31,7 @@ jobs: rekor.sigstore.dev:443 - name: Checkout repostiory - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Verify action checksums uses: chains-project/maven-lockfile/.github/actions/ghasum@219e4f3829570e41a62b17a1410ec615ca585af1 # 5.10.0 @@ -83,7 +83,7 @@ jobs: tuf-repo-cdn.sigstore.dev:443 - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Verify action checksums uses: chains-project/maven-lockfile/.github/actions/ghasum@219e4f3829570e41a62b17a1410ec615ca585af1 # 5.10.0 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 53a19d31f..fc37fdb56 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -60,7 +60,7 @@ jobs: uploads.github.com:443 - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Verify action checksums uses: chains-project/maven-lockfile/.github/actions/ghasum@219e4f3829570e41a62b17a1410ec615ca585af1 # 5.10.0 diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 2afdd42d2..419d7564f 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -28,7 +28,7 @@ jobs: release-assets.githubusercontent.com:443 - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Verify action checksums uses: chains-project/maven-lockfile/.github/actions/ghasum@219e4f3829570e41a62b17a1410ec615ca585af1 # 5.10.0 diff --git a/.github/workflows/doc.yml b/.github/workflows/doc.yml index 00d1597f9..914479269 100644 --- a/.github/workflows/doc.yml +++ b/.github/workflows/doc.yml @@ -23,7 +23,7 @@ jobs: repo.maven.apache.org:443 - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: repository: ${{ github.event.pull_request.head.repo.full_name }} ref: ${{ github.event.pull_request.head.ref }} diff --git a/.github/workflows/ensure-release-notrunning.yml b/.github/workflows/ensure-release-notrunning.yml index 7ffe36e1c..e07df6f6b 100644 --- a/.github/workflows/ensure-release-notrunning.yml +++ b/.github/workflows/ensure-release-notrunning.yml @@ -21,7 +21,7 @@ jobs: release-assets.githubusercontent.com:443 - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Verify action checksums uses: chains-project/maven-lockfile/.github/actions/ghasum@219e4f3829570e41a62b17a1410ec615ca585af1 # 5.10.0 diff --git a/.github/workflows/gha.sum b/.github/workflows/gha.sum index fb1d0b358..90e4198d8 100755 --- a/.github/workflows/gha.sum +++ b/.github/workflows/gha.sum @@ -2,6 +2,7 @@ version 1 actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 xizZh3f6SQipDN8OULmHn5pM+d2g1xWEP+rD7K+KVVA= actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 aYx2ZNrV/U9daVa5XJLnuR3depD7lQqzkyRhH4E9bOU= +actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd s/NQMxIFsmRFac7hJyF3QlZIJ3YbGpNiS5zPtPJgB1s= actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261 rW3CGfHqpw6wyWp6TTrui6+63RSWRox4n9J+uZR7H4c= actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 0qLZUqMcil7hZ8idJYYxI/LgdETqnWR0T02izCncHy4= actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93 XE1eqHfEOlHsHx+3cUQA1OGC3jxGBnmx7eTIdEzwSoI= diff --git a/.github/workflows/ghasum.yml b/.github/workflows/ghasum.yml index d4523e53f..68e740d60 100644 --- a/.github/workflows/ghasum.yml +++ b/.github/workflows/ghasum.yml @@ -23,7 +23,7 @@ jobs: release-assets.githubusercontent.com:443 - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: token: ${{ secrets.JRELEASER_GITHUB_TOKEN }} ref: ${{ github.event.pull_request.head.ref }} diff --git a/.github/workflows/jreleaser-beta.yml b/.github/workflows/jreleaser-beta.yml index d5803eeac..627321e79 100644 --- a/.github/workflows/jreleaser-beta.yml +++ b/.github/workflows/jreleaser-beta.yml @@ -28,7 +28,7 @@ jobs: # Setups the environment - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: fetch-depth: 0 token: ${{ secrets.JRELEASER_GITHUB_TOKEN }} diff --git a/.github/workflows/jreleaser.yml b/.github/workflows/jreleaser.yml index c72041cbc..37c10aacd 100644 --- a/.github/workflows/jreleaser.yml +++ b/.github/workflows/jreleaser.yml @@ -36,7 +36,7 @@ jobs: # Setups the environment - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: fetch-depth: 0 token: ${{ secrets.JRELEASER_GITHUB_TOKEN }} diff --git a/.github/workflows/osv-scanner-pr.yml b/.github/workflows/osv-scanner-pr.yml index 7ceb50a9b..49937f639 100644 --- a/.github/workflows/osv-scanner-pr.yml +++ b/.github/workflows/osv-scanner-pr.yml @@ -35,7 +35,7 @@ jobs: repo.spring.io:443 - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: fetch-depth: 0 diff --git a/.github/workflows/osv-scanner-scheduled.yml b/.github/workflows/osv-scanner-scheduled.yml index 961cd7fe6..5e7c15d28 100644 --- a/.github/workflows/osv-scanner-scheduled.yml +++ b/.github/workflows/osv-scanner-scheduled.yml @@ -33,7 +33,7 @@ jobs: # Setups the environment - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: persist-credentials: false diff --git a/.github/workflows/regenerate-lockfile.yml b/.github/workflows/regenerate-lockfile.yml index 341bc7fdd..1ee1c0087 100644 --- a/.github/workflows/regenerate-lockfile.yml +++ b/.github/workflows/regenerate-lockfile.yml @@ -26,7 +26,7 @@ jobs: sh.jbang.dev:443 - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Verify action checksums uses: chains-project/maven-lockfile/.github/actions/ghasum@219e4f3829570e41a62b17a1410ec615ca585af1 # 5.10.0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 30115715a..e1331d3e3 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -51,7 +51,7 @@ jobs: www.bestpractices.dev:443 - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: persist-credentials: false diff --git a/.github/workflows/smoke-tests.yml b/.github/workflows/smoke-tests.yml index ac19df024..0e4a92c48 100644 --- a/.github/workflows/smoke-tests.yml +++ b/.github/workflows/smoke-tests.yml @@ -38,7 +38,7 @@ jobs: tuf-repo-cdn.sigstore.dev:443 - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Verify action checksums uses: chains-project/maven-lockfile/.github/actions/ghasum@219e4f3829570e41a62b17a1410ec615ca585af1 # 5.10.0 diff --git a/action.yml b/action.yml index d4723d9ff..59f15a82b 100644 --- a/action.yml +++ b/action.yml @@ -31,7 +31,7 @@ runs: using: "composite" steps: - name: checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: fetch-depth: 0 ref: ${{ github.event.pull_request.head.ref }} diff --git a/template/action.yml b/template/action.yml index 976756a2d..9ede80dff 100644 --- a/template/action.yml +++ b/template/action.yml @@ -31,7 +31,7 @@ runs: using: "composite" steps: - name: checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: fetch-depth: 0 ref: ${{ github.event.pull_request.head.ref }}