diff --git a/.github/workflows/part_docs.yml b/.github/workflows/part_docs.yml index 7ba39a0..dc576de 100644 --- a/.github/workflows/part_docs.yml +++ b/.github/workflows/part_docs.yml @@ -65,7 +65,7 @@ jobs: env: ATTESTATION: "${{ steps.attest-docs-provenance.outputs.bundle-path }}" - - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: docs path: docs.tar.gz* diff --git a/.github/workflows/part_test.yml b/.github/workflows/part_test.yml index eb83d44..20c2255 100644 --- a/.github/workflows/part_test.yml +++ b/.github/workflows/part_test.yml @@ -140,7 +140,7 @@ jobs: eunit-${{ runner.os }}-${{ steps.setupBEAM.outputs.otp-version }}- - run: rebar3 eunit --cover --cover_export_name "eunit-${{ steps.setupBEAM.outputs.otp-version }}" continue-on-error: ${{ matrix.unstable }} - - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 if: "${{ matrix.otp == needs.detectToolVersions.outputs.otpVersion }}" with: name: eunit-coverage-${{ matrix.otp }} @@ -187,7 +187,7 @@ jobs: ct-${{ runner.os }}-${{ steps.setupBEAM.outputs.otp-version }}- - run: rebar3 ct --cover --cover_export_name "ct-${{ steps.setupBEAM.outputs.otp-version }}" continue-on-error: ${{ matrix.unstable }} - - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 if: "${{ matrix.otp == needs.detectToolVersions.outputs.otpVersion }}" with: name: ct-coverage-${{ matrix.otp }} @@ -249,7 +249,7 @@ jobs: - run: mix deps.get - run: mix test --cover --export-coverage "mix_test-${{ steps.setupBEAM.outputs.elixir-version }}" continue-on-error: ${{ matrix.unstable }} - - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 if: "${{ matrix.otp == needs.detectToolVersions.outputs.otpVersion }}" with: name: mix_test-coverage-${{ matrix.elixir }} @@ -296,7 +296,7 @@ jobs: mix_test_coverage-deps-${{ runner.os }}-${{ steps.setupBEAM.outputs.otp-version }}-${{ steps.setupBEAM.outputs.elixir-version }}- - run: mix deps.get - run: mix test.coverage - - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: coverage-report path: cover @@ -401,7 +401,7 @@ jobs: - run: mix deps.compile - run: mix credo --format sarif > results.sarif - name: Upload SARIF file - uses: github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9 + uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 with: sarif_file: results.sarif category: credo diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 3a8a92d..d64327a 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -68,7 +68,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: SARIF file path: results.sarif @@ -76,6 +76,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9 + uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 with: sarif_file: results.sarif