diff --git a/.github/workflows/api-extractor.yml b/.github/workflows/api-extractor.yml index 87bf0d4d247..4b0be16f1d7 100644 --- a/.github/workflows/api-extractor.yml +++ b/.github/workflows/api-extractor.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: persist-credentials: false diff --git a/.github/workflows/arethetypeswrong.yml b/.github/workflows/arethetypeswrong.yml index ee0714e1554..59522db2842 100644 --- a/.github/workflows/arethetypeswrong.yml +++ b/.github/workflows/arethetypeswrong.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: persist-credentials: false - name: Setup Node.js diff --git a/.github/workflows/change-prerelease-tag.yml b/.github/workflows/change-prerelease-tag.yml index 881650c9ba1..ed13f1ca8af 100644 --- a/.github/workflows/change-prerelease-tag.yml +++ b/.github/workflows/change-prerelease-tag.yml @@ -32,7 +32,7 @@ jobs: # Check out the repository, using the Github Actions Bot app's token so # that we can push later. - name: Checkout repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: token: ${{ steps.github-actions-bot-app-token.outputs.token }} # Checkout release branch entered when workflow was kicked off diff --git a/.github/workflows/cleanup-checks.yml b/.github/workflows/cleanup-checks.yml index 20fa67e34f1..7ac97e7546a 100644 --- a/.github/workflows/cleanup-checks.yml +++ b/.github/workflows/cleanup-checks.yml @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: persist-credentials: false - name: add label @@ -42,7 +42,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: # git-auto-commit-action requires persist-credentials set to true # https://github.com/stefanzweifel/git-auto-commit-action#action-does-not-push-commit-to-repository-authentication-issue diff --git a/.github/workflows/compare-build-output.yml b/.github/workflows/compare-build-output.yml index 86b53f8801b..62837e85d58 100644 --- a/.github/workflows/compare-build-output.yml +++ b/.github/workflows/compare-build-output.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: # Fetch entire git history so we have the parent commit to compare against fetch-depth: 0 diff --git a/.github/workflows/copilot-setup-steps.yml b/.github/workflows/copilot-setup-steps.yml index 4837e3952d2..e98dd631baa 100644 --- a/.github/workflows/copilot-setup-steps.yml +++ b/.github/workflows/copilot-setup-steps.yml @@ -26,7 +26,7 @@ jobs: # If you do not check out your code, Copilot will do this for you. steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: persist-credentials: false diff --git a/.github/workflows/docmodel.yml b/.github/workflows/docmodel.yml index a900b2abd2e..8299004dd6a 100644 --- a/.github/workflows/docmodel.yml +++ b/.github/workflows/docmodel.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: persist-credentials: false diff --git a/.github/workflows/exit-prerelease.yml b/.github/workflows/exit-prerelease.yml index 6b6c0bf1401..798dc190da4 100644 --- a/.github/workflows/exit-prerelease.yml +++ b/.github/workflows/exit-prerelease.yml @@ -27,7 +27,7 @@ jobs: # Check out the repository, using the Github Actions Bot app's token so # that we can push later. - name: Checkout repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: token: ${{ steps.github-actions-bot-app-token.outputs.token }} # Checkout release branch entered when workflow was kicked off diff --git a/.github/workflows/knip.yml b/.github/workflows/knip.yml index f09f963586b..280180cac6c 100644 --- a/.github/workflows/knip.yml +++ b/.github/workflows/knip.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest name: Ubuntu/Node v24 steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: persist-credentials: false - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6 diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml index 5f7ddfcf7d1..4a598eb664f 100644 --- a/.github/workflows/prerelease.yml +++ b/.github/workflows/prerelease.yml @@ -31,7 +31,7 @@ jobs: # Check out the repository, using the Github Actions Bot app's token so # that we can push later. - name: Checkout repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: token: ${{ steps.github-actions-bot-app-token.outputs.token }} # Fetch entire git history so Changesets can generate changelogs diff --git a/.github/workflows/publish-pr-releases.yml b/.github/workflows/publish-pr-releases.yml index aee34aef254..f89f1e648e3 100644 --- a/.github/workflows/publish-pr-releases.yml +++ b/.github/workflows/publish-pr-releases.yml @@ -20,7 +20,7 @@ jobs: pull-requests: write steps: - name: Checkout repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: persist-credentials: false diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 6d950f27864..fe3e1ace6cc 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -29,7 +29,7 @@ jobs: publishedPackages: ${{ steps.changesets.outputs.publishedPackages || steps.changesets-prerelease.outputs.publishedPackages }} steps: - name: Checkout repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: # Fetch entire git history so Changesets can generate changelogs # with the correct commits @@ -146,7 +146,7 @@ jobs: package: ${{ fromJSON(needs.release.outputs.publishedPackages) }} steps: - name: Checkout repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: persist-credentials: false diff --git a/.github/workflows/scheduled-test-canary.yml b/.github/workflows/scheduled-test-canary.yml index 9c7e9af7df9..19e7925f250 100644 --- a/.github/workflows/scheduled-test-canary.yml +++ b/.github/workflows/scheduled-test-canary.yml @@ -26,7 +26,7 @@ jobs: tag: ${{ fromJson(github.event_name == 'workflow_dispatch' && inputs.tags || '["canary", "experimental"]') }} branch: ${{ fromJson(github.event_name == 'workflow_dispatch' && inputs.branches || '["main", "release-3.13", "release-4.0"]') }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: ref: ${{ matrix.branch }} persist-credentials: false diff --git a/.github/workflows/size-limit.yml b/.github/workflows/size-limit.yml index 86434939b60..80b5d60097a 100644 --- a/.github/workflows/size-limit.yml +++ b/.github/workflows/size-limit.yml @@ -13,7 +13,7 @@ jobs: pull-requests: write steps: - name: Checkout repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: persist-credentials: false - name: Setup Node.js diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml index 9b75285c055..c4fe7b9afed 100644 --- a/.github/workflows/zizmor.yml +++ b/.github/workflows/zizmor.yml @@ -18,7 +18,7 @@ jobs: actions: read # Only needed for private repos. Needed for upload-sarif to read workflow run info. steps: - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false