diff --git a/.github/workflows/autofix.yaml b/.github/workflows/autofix.yaml index 434c354de..ab495fcba 100644 --- a/.github/workflows/autofix.yaml +++ b/.github/workflows/autofix.yaml @@ -37,7 +37,7 @@ jobs: black_params: ${{ steps.project-metadata.outputs.black_params }} ruff_params: ${{ steps.project-metadata.outputs.ruff_params }} steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 with: # Checkout pull request HEAD commit to ignore actions/checkout's merge commit. Fallback to push SHA. ref: ${{ github.event.pull_request.head.sha || github.sha }} @@ -68,7 +68,7 @@ jobs: if: needs.project-metadata.outputs.python_files || needs.project-metadata.outputs.doc_files runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 - uses: actions/setup-python@v4.7.0 with: python-version: "3.11" @@ -147,7 +147,7 @@ jobs: name: Format Markdown runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 - uses: actions/setup-python@v4.7.0 with: python-version: "3.11" @@ -197,7 +197,7 @@ jobs: name: Format JSON runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 - name: Install jsonlint run: | sudo npm install --global jsonlint @@ -228,7 +228,7 @@ jobs: outputs: exists: ${{ steps.detection.outputs.exists }} steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 - id: detection # Bare-called reused workflow are not fed with defaults, so force it here. run: | @@ -245,7 +245,7 @@ jobs: if: needs.check-gitignore.outputs.exists runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 - name: Install git-extras run: | sudo apt update diff --git a/.github/workflows/changelog.yaml b/.github/workflows/changelog.yaml index 23bbed927..321f70620 100644 --- a/.github/workflows/changelog.yaml +++ b/.github/workflows/changelog.yaml @@ -31,7 +31,7 @@ jobs: - minor - major steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 - uses: actions/setup-python@v4.7.0 with: python-version: "3.11" @@ -98,7 +98,7 @@ jobs: # keep the release date in sync. runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 - uses: actions/setup-python@v4.7.0 with: python-version: "3.11" diff --git a/.github/workflows/docs.yaml b/.github/workflows/docs.yaml index 1e61cb753..132b557c6 100644 --- a/.github/workflows/docs.yaml +++ b/.github/workflows/docs.yaml @@ -24,7 +24,7 @@ jobs: name: Fix typos runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 # XXX Use unreleased dev version while we wait for a new one to be cut. See: # https://github.com/sobolevn/misspell-fixer-action/issues/15 - uses: sobolevn/misspell-fixer-action@8842a5615f83fed75e8a87015e9300a54d049961 @@ -54,7 +54,7 @@ jobs: name: Optimize images runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 # XXX Waiting for a recent release for image-actions so we'll get rid of some warning annotations like # "Unexpected input(s) 'compressOnly'". See: https://github.com/calibreapp/image-actions/issues/128 - uses: calibreapp/image-actions@1.1.0 @@ -89,7 +89,7 @@ jobs: outputs: exists: ${{ steps.detection.outputs.exists }} steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 - id: detection run: | echo "exists=$( [[ -f './.mailmap' ]] && echo 'true' )" >> "$GITHUB_OUTPUT" @@ -105,7 +105,7 @@ jobs: if: needs.check-mailmap.outputs.exists runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 with: # Fetch all history to extract all contributors. fetch-depth: 0 @@ -143,7 +143,7 @@ jobs: is_sphinx: ${{ steps.project-metadata.outputs.is_sphinx }} active_autodoc: ${{ steps.project-metadata.outputs.active_autodoc }} steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 with: # Checkout pull request HEAD commit to ignore actions/checkout's merge commit. Fallback to push SHA. ref: ${{ github.event.pull_request.head.sha || github.sha }} @@ -174,7 +174,7 @@ jobs: if: fromJSON(needs.project-metadata.outputs.is_poetry_project) runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 - uses: actions/setup-python@v4.7.0 with: python-version: "3.11" @@ -230,7 +230,7 @@ jobs: && fromJSON(needs.project-metadata.outputs.active_autodoc) runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 - uses: actions/setup-python@v4.7.0 with: python-version: "3.11" @@ -272,7 +272,7 @@ jobs: if: fromJSON(needs.project-metadata.outputs.is_poetry_project) && fromJSON(needs.project-metadata.outputs.is_sphinx) runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 - uses: actions/setup-python@v4.7.0 with: python-version: "3.11" diff --git a/.github/workflows/labeller-file-based.yaml b/.github/workflows/labeller-file-based.yaml index 31afdc5f4..e18f85e6d 100644 --- a/.github/workflows/labeller-file-based.yaml +++ b/.github/workflows/labeller-file-based.yaml @@ -30,7 +30,7 @@ jobs: && github.actor != 'dependabot-preview[bot]' runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 - name: Download default rules run: > curl -fsSL --output ./.github/labeller-file-based.yaml diff --git a/.github/workflows/labels.yaml b/.github/workflows/labels.yaml index 873b55a21..9ed5acb56 100644 --- a/.github/workflows/labels.yaml +++ b/.github/workflows/labels.yaml @@ -23,7 +23,7 @@ jobs: name: Sync labels runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 - name: Sync labels uses: julb/action-manage-label@1.0.1 env: diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 105575786..ac86bff75 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -25,7 +25,7 @@ jobs: ruff_params: ${{ steps.project-metadata.outputs.ruff_params }} mypy_params: ${{ steps.project-metadata.outputs.mypy_params }} steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 with: # Checkout pull request HEAD commit to ignore actions/checkout's merge commit. Fallback to push SHA. ref: ${{ github.event.pull_request.head.sha || github.sha }} @@ -56,7 +56,7 @@ jobs: if: github.head_ref != 'prepare-release' && needs.project-metadata.outputs.python_files runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 - uses: actions/setup-python@v4.7.0 with: python-version: "3.11" @@ -79,7 +79,7 @@ jobs: if: github.head_ref != 'prepare-release' && needs.project-metadata.outputs.python_files runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 - uses: actions/setup-python@v4.7.0 with: python-version: "3.11" @@ -112,7 +112,7 @@ jobs: if: github.head_ref != 'prepare-release' runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 - uses: actions/setup-python@v4.7.0 with: python-version: "3.11" @@ -130,7 +130,7 @@ jobs: lint-zsh: runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 - name: Install Zsh run: | sudo apt update @@ -142,7 +142,7 @@ jobs: lint-github-action: runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 - name: Install actionlint id: install_actionlint run: | @@ -184,7 +184,7 @@ jobs: # action blindly creates issues ad-nauseam. See: https://github.com/peter-evans/create-issue-from-file/issues/298 . # This was also discussed at: https://github.com/lycheeverse/lychee-action/issues/74#issuecomment-1587089689 steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 - uses: lycheeverse/lychee-action@v1.8.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -287,7 +287,7 @@ jobs: if: startsWith(github.event.repository.name, 'awesome-') runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 with: # Fetch all history to please linter's age checks. fetch-depth: 0 @@ -298,7 +298,7 @@ jobs: check-secrets: runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 with: fetch-depth: 0 - uses: gitleaks/gitleaks-action@v2.3.2 diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 1a3a826d2..f0149ff1a 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -38,7 +38,7 @@ jobs: is_poetry_project: ${{ steps.project-metadata.outputs.is_poetry_project }} package_name: ${{ steps.project-metadata.outputs.package_name }} steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 with: # Checkout pull request HEAD commit to ignore actions/checkout's merge commit. Fallback to push SHA. ref: ${{ github.event.pull_request.head.sha || github.sha }} @@ -77,7 +77,7 @@ jobs: matrix: ${{ fromJSON(needs.project-metadata.outputs.new_commits_matrix) }} runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 with: ref: ${{ matrix.commit }} - uses: actions/setup-python@v4.7.0 @@ -117,7 +117,7 @@ jobs: matrix: ${{ fromJSON(needs.project-metadata.outputs.nuitka_matrix) }} runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 with: ref: ${{ matrix.commit }} - uses: actions/setup-python@v4.7.0 @@ -171,7 +171,7 @@ jobs: outputs: tagged_version: ${{ steps.get_version.outputs.current_version }} steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@v4.0.0 with: ref: ${{ matrix.commit }} - uses: actions/setup-python@v4.7.0