diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 17700bcde..8abd53296 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -68,7 +68,14 @@ jobs: variant: bisheng image: adoptopenjdk/centos7_build_image steps: - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + # setup Node.js 20 from unofficial Mirror when using centos7_build_image + - uses: dcodeIO/setup-node-nvm@b6d6ed786666dee7d42186617cbb1394070de579 # v5 + if: matrix.image == 'adoptopenjdk/centos7_build_image' + with: + node-version: 20 + node-mirror: https://unofficial-builds.nodejs.org/download/release/ + + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 - name: Build Linux run: ./build-farm/make-adopt-build-farm.sh @@ -122,7 +129,7 @@ jobs: variant: [temurin] steps: - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 - name: Install Dependencies run: | @@ -294,7 +301,7 @@ jobs: shell: bash run: mkdir -p "$HOME" && git config --system core.autocrlf false && git config --global --add safe.directory '*' - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 with: set-safe-directory: false diff --git a/.github/workflows/ca-cert-updater.yml b/.github/workflows/ca-cert-updater.yml index 5582d24ea..8e1a98aa4 100644 --- a/.github/workflows/ca-cert-updater.yml +++ b/.github/workflows/ca-cert-updater.yml @@ -13,7 +13,7 @@ jobs: if: startsWith(github.repository, 'adoptium/') runs-on: ubuntu-latest steps: - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 with: persist-credentials: false diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index f1b9b5e56..2d16ee8eb 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -42,7 +42,7 @@ jobs: # Checkout the code base # ########################## - name: Checkout Code - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 with: # Full git history is needed to get a proper list of changed files within `super-linter` fetch-depth: 0 diff --git a/.github/workflows/ossf-scorecard.yml b/.github/workflows/ossf-scorecard.yml index 73c96d0ec..1b81b44af 100644 --- a/.github/workflows/ossf-scorecard.yml +++ b/.github/workflows/ossf-scorecard.yml @@ -20,7 +20,7 @@ jobs: id-token: write steps: - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 with: persist-credentials: false - uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # v2.2.0 diff --git a/.github/workflows/signsbom.yml b/.github/workflows/signsbom.yml index 1b61f09b9..74ba7860a 100644 --- a/.github/workflows/signsbom.yml +++ b/.github/workflows/signsbom.yml @@ -22,7 +22,7 @@ jobs: strategy: fail-fast: false steps: - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 # Build with jdk17 to ensure TemurinSignSBOM meets min compatibility - uses: actions/setup-java@cd89f46ac9d01407894225f350157564c9c7cee2 # v3.12.0 diff --git a/.github/workflows/testsbom.yml b/.github/workflows/testsbom.yml index 361249c77..e0ec80170 100644 --- a/.github/workflows/testsbom.yml +++ b/.github/workflows/testsbom.yml @@ -23,7 +23,7 @@ jobs: fail-fast: false steps: - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 # Build with jdk8 to ensure TemurinGenSBOM meets min compatibility - uses: actions/setup-java@cd89f46ac9d01407894225f350157564c9c7cee2 # v3.12.0