diff --git a/.github/workflows/bsim-tests-publish.yaml b/.github/workflows/bsim-tests-publish.yaml index 83aa87dcbbf..17d424f1849 100644 --- a/.github/workflows/bsim-tests-publish.yaml +++ b/.github/workflows/bsim-tests-publish.yaml @@ -24,7 +24,7 @@ jobs: run_id: ${{ github.event.workflow_run.id }} - name: Publish BabbleSim Test Results - uses: EnricoMi/publish-unit-test-result-action@3a74b2957438d0b6e2e61d67b05318aa25c9e6c6 # v2.20.0 + uses: EnricoMi/publish-unit-test-result-action@34d7c956a59aed1bfebf31df77b8de55db9bbaaf # v2.21.0 with: check_name: BabbleSim Test Results comment_mode: off diff --git a/.github/workflows/bsim-tests.yaml b/.github/workflows/bsim-tests.yaml index 6d4f8eafe8d..ea9bc500075 100644 --- a/.github/workflows/bsim-tests.yaml +++ b/.github/workflows/bsim-tests.yaml @@ -189,7 +189,7 @@ jobs: - name: Upload Unit Test Results in HTML if: always() - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: HTML Unit Test Results if-no-files-found: ignore @@ -197,7 +197,7 @@ jobs: junit.html - name: Publish Unit Test Results - uses: EnricoMi/publish-unit-test-result-action@3a74b2957438d0b6e2e61d67b05318aa25c9e6c6 # v2.20.0 + uses: EnricoMi/publish-unit-test-result-action@34d7c956a59aed1bfebf31df77b8de55db9bbaaf # v2.21.0 with: check_name: Bsim Test Results files: "junit.xml" @@ -205,7 +205,7 @@ jobs: - name: Upload Event Details if: always() - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: event path: | diff --git a/.github/workflows/bug_snapshot.yaml b/.github/workflows/bug_snapshot.yaml index a03d5213717..8ab3035bf03 100644 --- a/.github/workflows/bug_snapshot.yaml +++ b/.github/workflows/bug_snapshot.yaml @@ -51,7 +51,7 @@ jobs: echo "BUGS_PICKLE_PATH=${BUGS_PICKLE_PATH}" >> ${GITHUB_ENV} - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 # v5.0.0 + uses: aws-actions/configure-aws-credentials@00943011d9042930efac3dcd3a170e4273319bc8 # v5.1.0 with: aws-access-key-id: ${{ vars.AWS_BUILDS_ZEPHYR_BUG_SNAPSHOT_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_BUILDS_ZEPHYR_BUG_SNAPSHOT_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/clang.yaml b/.github/workflows/clang.yaml index 71ebab29768..4096bd2c05a 100644 --- a/.github/workflows/clang.yaml +++ b/.github/workflows/clang.yaml @@ -123,7 +123,7 @@ jobs: - name: Upload Unit Test Results if: always() - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: Unit Test Results (Subset ${{ matrix.subset }}) path: | @@ -146,7 +146,7 @@ jobs: persist-credentials: false - name: Download Artifacts - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: path: artifacts @@ -168,7 +168,7 @@ jobs: - name: Upload Unit Test Results in HTML if: always() - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: HTML Unit Test Results if-no-files-found: ignore @@ -176,7 +176,7 @@ jobs: junit-clang.html - name: Publish Unit Test Results - uses: EnricoMi/publish-unit-test-result-action@3a74b2957438d0b6e2e61d67b05318aa25c9e6c6 # v2.20.0 + uses: EnricoMi/publish-unit-test-result-action@34d7c956a59aed1bfebf31df77b8de55db9bbaaf # v2.21.0 if: always() with: check_name: Unit Test Results diff --git a/.github/workflows/codecov.yaml b/.github/workflows/codecov.yaml index 0061dabc8d4..1f40acfaedd 100644 --- a/.github/workflows/codecov.yaml +++ b/.github/workflows/codecov.yaml @@ -126,7 +126,7 @@ jobs: - name: Upload Doxygen Coverage Results if: matrix.platform == 'unit_testing' - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: doxygen-coverage-results path: | @@ -145,7 +145,7 @@ jobs: - name: Upload Coverage Results if: always() - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: Coverage Data (Subset ${{ matrix.normalized }}) path: | @@ -177,7 +177,7 @@ jobs: pip install -r scripts/requirements-actions.txt --require-hashes - name: Download Artifacts - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: path: coverage/reports @@ -242,7 +242,7 @@ jobs: - name: Upload Merged Coverage Results and Report if: always() - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: Coverage Data and report path: | diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index ad8e9669c48..dd3aa9b9f7d 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -39,7 +39,7 @@ jobs: uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Initialize CodeQL - uses: github/codeql-action/init@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6 + uses: github/codeql-action/init@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} @@ -53,6 +53,6 @@ jobs: exit 0 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6 + uses: github/codeql-action/analyze@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/compliance.yml b/.github/workflows/compliance.yml index 2646caed111..26e41485ef6 100644 --- a/.github/workflows/compliance.yml +++ b/.github/workflows/compliance.yml @@ -91,14 +91,14 @@ jobs: ./scripts/ci/check_compliance.py --annotate $excludes -c origin/${BASE_REF}.. - name: upload-results - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 continue-on-error: true with: name: compliance.xml path: compliance.xml - name: Upload dts linter patch - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 continue-on-error: true if: hashFiles('dts_linter.patch') != '' with: diff --git a/.github/workflows/daily_test_version.yml b/.github/workflows/daily_test_version.yml index 177b1122ce8..d604c7fe9d3 100644 --- a/.github/workflows/daily_test_version.yml +++ b/.github/workflows/daily_test_version.yml @@ -20,7 +20,7 @@ jobs: steps: - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 # v5.0.0 + uses: aws-actions/configure-aws-credentials@00943011d9042930efac3dcd3a170e4273319bc8 # v5.1.0 with: aws-access-key-id: ${{ vars.AWS_TESTING_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_TESTING_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/doc-build.yml b/.github/workflows/doc-build.yml index 75234ce753d..845836c329e 100644 --- a/.github/workflows/doc-build.yml +++ b/.github/workflows/doc-build.yml @@ -156,13 +156,13 @@ jobs: tar --use-compress-program="xz -T0" -cf api-coverage.tar.xz coverage-report - name: Upload HTML output - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: html-output path: html-output.tar.xz - name: Upload Doxygen coverage artifacts - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: api-coverage path: api-coverage.tar.xz @@ -183,7 +183,7 @@ jobs: echo "API Coverage Report will be available shortly at: ${API_COVERAGE_URL}" >> $GITHUB_STEP_SUMMARY - name: Upload PR number - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 if: github.event_name == 'pull_request' with: name: pr_num @@ -259,7 +259,7 @@ jobs: - name: upload-build if: always() - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: pdf-output if-no-files-found: ignore diff --git a/.github/workflows/doc-publish-pr.yml b/.github/workflows/doc-publish-pr.yml index bcaaa284663..054046815b2 100644 --- a/.github/workflows/doc-publish-pr.yml +++ b/.github/workflows/doc-publish-pr.yml @@ -66,7 +66,7 @@ jobs: - name: Configure AWS Credentials if: steps.download-artifacts.outputs.found_artifact == 'true' - uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 # v5.0.0 + uses: aws-actions/configure-aws-credentials@00943011d9042930efac3dcd3a170e4273319bc8 # v5.1.0 with: aws-access-key-id: ${{ vars.AWS_BUILDS_ZEPHYR_PR_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_BUILDS_ZEPHYR_PR_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/doc-publish.yml b/.github/workflows/doc-publish.yml index 74698d00fb6..14c620846e1 100644 --- a/.github/workflows/doc-publish.yml +++ b/.github/workflows/doc-publish.yml @@ -40,7 +40,7 @@ jobs: fi - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 # v5.0.0 + uses: aws-actions/configure-aws-credentials@00943011d9042930efac3dcd3a170e4273319bc8 # v5.1.0 with: aws-access-key-id: ${{ vars.AWS_DOCS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_DOCS_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/footprint-tracking.yml b/.github/workflows/footprint-tracking.yml index c703975f4e5..8c60d69d730 100644 --- a/.github/workflows/footprint-tracking.yml +++ b/.github/workflows/footprint-tracking.yml @@ -89,7 +89,7 @@ jobs: west update 2>&1 1> west.update.log || west update 2>&1 1> west.update2.log - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 # v5.0.0 + uses: aws-actions/configure-aws-credentials@00943011d9042930efac3dcd3a170e4273319bc8 # v5.1.0 with: aws-access-key-id: ${{ vars.AWS_TESTING_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_TESTING_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/hello_world_multiplatform.yaml b/.github/workflows/hello_world_multiplatform.yaml index cc1911a3f75..6d4e5cf369b 100644 --- a/.github/workflows/hello_world_multiplatform.yaml +++ b/.github/workflows/hello_world_multiplatform.yaml @@ -80,7 +80,7 @@ jobs: - name: Upload artifacts if: failure() - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: if-no-files-found: ignore path: diff --git a/.github/workflows/issue_count.yml b/.github/workflows/issue_count.yml index 0bd47bd8d8f..a7bfe9e2507 100644 --- a/.github/workflows/issue_count.yml +++ b/.github/workflows/issue_count.yml @@ -38,14 +38,14 @@ jobs: token: ${{ secrets.GITHUB_TOKEN }} - name: upload-stats - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 continue-on-error: true with: name: ${{ env.OUTPUT_FILE_NAME }} path: ${{ env.OUTPUT_FILE_NAME }} - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 # v5.0.0 + uses: aws-actions/configure-aws-credentials@00943011d9042930efac3dcd3a170e4273319bc8 # v5.1.0 with: aws-access-key-id: ${{ vars.AWS_TESTING_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_TESTING_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/license_check.yml b/.github/workflows/license_check.yml index f0593a79f0e..b7547d95e65 100644 --- a/.github/workflows/license_check.yml +++ b/.github/workflows/license_check.yml @@ -20,7 +20,7 @@ jobs: with: directory-to-scan: 'scan/' - name: Artifact Upload - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: scancode path: ./artifacts diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 50dc4a29e2b..dcaca963a01 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -31,7 +31,7 @@ jobs: args: spdx -o zephyr-${{ steps.get_version.outputs.VERSION }}.spdx - name: upload-results - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 continue-on-error: true with: name: zephyr-${{ steps.get_version.outputs.VERSION }}.spdx diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 965915465e5..8c35bee033e 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -47,7 +47,7 @@ jobs: # uploads of run results in SARIF format to the repository Actions tab. # https://docs.github.com/en/actions/advanced-guides/storing-workflow-data-as-artifacts - name: "Upload artifact" - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: SARIF file path: results.sarif @@ -56,6 +56,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6 + uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 with: sarif_file: results.sarif diff --git a/.github/workflows/twister.yaml b/.github/workflows/twister.yaml index 761f7244af7..79b305628fb 100644 --- a/.github/workflows/twister.yaml +++ b/.github/workflows/twister.yaml @@ -283,7 +283,7 @@ jobs: - name: Upload Unit Test Results if: always() - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: Unit Test Results (Subset ${{ matrix.subset }}) if-no-files-found: ignore @@ -305,7 +305,7 @@ jobs: - if: matrix.subset == 1 && github.event_name == 'push' name: Upload the list of Python packages - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: Frozen PIP package set path: | @@ -341,7 +341,7 @@ jobs: pip install -r scripts/requirements-actions.txt --require-hashes - name: Download Artifacts - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: path: artifacts @@ -352,7 +352,7 @@ jobs: - name: Upload Unit Test Results if: always() - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: Unit Test Results if-no-files-found: ignore @@ -367,7 +367,7 @@ jobs: token: ${{ secrets.CODECOV_TOKEN }} - name: Publish Unit Test Results - uses: EnricoMi/publish-unit-test-result-action@3a74b2957438d0b6e2e61d67b05318aa25c9e6c6 # v2.20.0 + uses: EnricoMi/publish-unit-test-result-action@34d7c956a59aed1bfebf31df77b8de55db9bbaaf # v2.21.0 with: check_name: Unit Test Results files: "**/twister.xml" @@ -384,7 +384,7 @@ jobs: - name: Upload Twister Analysis Results if: needs.twister-build.result == 'failure' - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: Twister Analysis Results if-no-files-found: ignore