diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0b56691552a..b7fe8338e27 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -52,10 +52,10 @@ jobs: --health-timeout 5s --health-retries 5 steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Install Ubuntu packages run: sudo apt-get -y install protobuf-compiler - - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v.6.0.0 + - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v.6.1.0 with: python-version: '3.11' - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 @@ -74,7 +74,7 @@ jobs: with: toolchain: stable - name: Setup cache - uses: Swatinem/rust-cache@f13886b937689c021905a6b90929199931d60db1 # v2.8.1 + uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2 if: steps.modified.outputs.rust_src == 'true' with: workspaces: "./quickwit -> target" @@ -110,7 +110,7 @@ jobs: contents: read actions: write steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 id: modified with: @@ -136,7 +136,7 @@ jobs: toolchain: stable - name: Setup cache if: steps.modified.outputs.rust_src == 'true' - uses: Swatinem/rust-cache@f13886b937689c021905a6b90929199931d60db1 # v2.8.1 + uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2 with: workspaces: "./quickwit -> target" - name: Install cargo deny @@ -173,14 +173,14 @@ jobs: contents: read actions: write steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Install Rust toolchain uses: dtolnay/rust-toolchain@0b1efabc08b657293548b77fb76cc02d26091c7e # master with: toolchain: stable - name: Cache cargo tools - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 + uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 with: path: ~/.cargo/bin key: ${{ runner.os }}-cargo-tools-${{ hashFiles('**/Cargo.lock') }} diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index 936a7e7b8a7..bbc0d270e38 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -109,7 +109,7 @@ jobs: PUBSUB_PROJECT1: "quickwit-emulator,emulator_topic:emulator_subscription" steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Install lib libsasl2 run: | @@ -117,11 +117,11 @@ jobs: sudo apt install libsasl2-dev sudo apt install libsasl2-2 - - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v.6.0.0 + - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v.6.1.0 with: python-version: '3.11' - - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 + - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 with: path: | ~/.cargo/git @@ -158,7 +158,7 @@ jobs: run: rustup update stable - name: Install cargo-llvm-cov, cargo-nextest, and protoc - uses: taiki-e/install-action@763e3324d4fd026c9bd284c504378585777a87d5 # v2.62.57 + uses: taiki-e/install-action@d850aa816998e5cf15f67a78c7b933f2a5033f8a # v2.63.3 with: tool: cargo-llvm-cov,nextest,protoc @@ -173,7 +173,7 @@ jobs: working-directory: ./quickwit - name: Upload coverage to Codecov - uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1 + uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2 with: token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos files: ./quickwit/lcov.info diff --git a/.github/workflows/dependency.yml b/.github/workflows/dependency.yml index cdcc35b81fd..bb179b25578 100644 --- a/.github/workflows/dependency.yml +++ b/.github/workflows/dependency.yml @@ -14,9 +14,9 @@ jobs: runs-on: ubuntu-latest steps: - name: "Checkout Repository" - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: "Dependency Review" - uses: actions/dependency-review-action@125b99508212ce1cc3076ad60f6bd63bf6d88a66 # v4.8.1 + uses: actions/dependency-review-action@774d14bf50b7a2e2460f9f49e25c52503ecab125 # v4.8.1 with: # This is an minor vuln on the rsa crate, used for # google storage. diff --git a/.github/workflows/publish_cross_images.yml b/.github/workflows/publish_cross_images.yml index 56dc94f60b3..371e12a3569 100644 --- a/.github/workflows/publish_cross_images.yml +++ b/.github/workflows/publish_cross_images.yml @@ -19,7 +19,7 @@ jobs: name: production steps: - name: Check out the repo - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Log in to Docker Hub uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: diff --git a/.github/workflows/publish_docker_images.yml b/.github/workflows/publish_docker_images.yml index 037c76e4c2b..51ad4de8b25 100644 --- a/.github/workflows/publish_docker_images.yml +++ b/.github/workflows/publish_docker_images.yml @@ -38,7 +38,7 @@ jobs: name: production steps: - name: Checkout - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Login to Docker Hub uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 @@ -54,7 +54,7 @@ jobs: - name: Docker meta id: meta - uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 # v5.9.0 + uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 with: images: | ${{ env.REGISTRY_IMAGE }} @@ -96,7 +96,7 @@ jobs: touch "/tmp/digests/${digest#sha256:}" - name: Upload digest - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: digest-${{ matrix.platform_suffix }} path: /tmp/digests/* @@ -112,7 +112,7 @@ jobs: environment: production steps: - name: Download digests - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 with: pattern: digest-* path: /tmp/digests @@ -123,7 +123,7 @@ jobs: - name: Docker meta id: meta - uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 # v5.9.0 + uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 with: images: ${{ env.REGISTRY_IMAGE }} flavor: | diff --git a/.github/workflows/publish_nightly_packages.yml b/.github/workflows/publish_nightly_packages.yml index aff2d5f391b..a57c17d0e7d 100644 --- a/.github/workflows/publish_nightly_packages.yml +++ b/.github/workflows/publish_nightly_packages.yml @@ -20,7 +20,7 @@ jobs: matrix: target: [x86_64-apple-darwin, aarch64-apple-darwin] steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - uses: ./.github/actions/cargo-build-macos-binary with: target: ${{ matrix.target }} @@ -37,7 +37,7 @@ jobs: contents: write actions: write steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - uses: ./.github/actions/cross-build-binary with: target: ${{ matrix.target }} diff --git a/.github/workflows/publish_release_packages.yml b/.github/workflows/publish_release_packages.yml index 93250de04f3..2be2e51fca4 100644 --- a/.github/workflows/publish_release_packages.yml +++ b/.github/workflows/publish_release_packages.yml @@ -20,7 +20,7 @@ jobs: target: [x86_64-apple-darwin, aarch64-apple-darwin] steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Extract asset version run: echo "ASSET_VERSION=${GITHUB_REF/refs\/tags\//}" >> $GITHUB_ENV - uses: ./.github/actions/cargo-build-macos-binary @@ -39,7 +39,7 @@ jobs: contents: write actions: write steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Extract asset version run: echo "ASSET_VERSION=${GITHUB_REF/refs\/tags\//}" >> $GITHUB_ENV - uses: ./.github/actions/cross-build-binary diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 2ba9e7be205..90aee06259a 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -23,7 +23,7 @@ jobs: steps: - name: 'Checkout code' - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false @@ -37,7 +37,7 @@ jobs: # Upload the results as artifacts. - name: 'Upload artifact' - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: SARIF file path: results.sarif @@ -45,6 +45,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: 'Upload to code-scanning' - uses: github/codeql-action/upload-sarif@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4.31.5 + uses: github/codeql-action/upload-sarif@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8 with: sarif_file: results.sarif diff --git a/.github/workflows/ui-ci.yml b/.github/workflows/ui-ci.yml index bfb5e59dff9..dab52cf918c 100644 --- a/.github/workflows/ui-ci.yml +++ b/.github/workflows/ui-ci.yml @@ -65,8 +65,8 @@ jobs: RUSTDOCFLAGS: -Dwarnings -Arustdoc::private_intra_doc_links QW_TEST_DATABASE_URL: postgres://quickwit-dev:quickwit-dev@postgres:5432/quickwit-metastore-dev steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 with: node-version: 20 cache: "yarn" @@ -80,7 +80,7 @@ jobs: working-directory: ./quickwit - name: Setup Rust cache if: matrix.task.name == 'Cypress run' - uses: Swatinem/rust-cache@f13886b937689c021905a6b90929199931d60db1 # v2.8.1 + uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2 with: workspaces: "./quickwit -> target" - name: ${{ matrix.task.name }}