diff --git a/.github/workflows/ci-build.yml b/.github/workflows/ci-build.yml index 7df381f..a335ac3 100644 --- a/.github/workflows/ci-build.yml +++ b/.github/workflows/ci-build.yml @@ -34,7 +34,7 @@ jobs: egress-policy: audit - name: 'Checkout' - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 # avoid shallow clone so nbgv can do its work. diff --git a/.github/workflows/ci-manual-build-test-sign.yml b/.github/workflows/ci-manual-build-test-sign.yml index 6557bbc..42ebebc 100644 --- a/.github/workflows/ci-manual-build-test-sign.yml +++ b/.github/workflows/ci-manual-build-test-sign.yml @@ -39,7 +39,7 @@ jobs: egress-policy: audit - name: 'Checkout repository' - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 # avoid shallow clone so nbgv can do its work. diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 98a4b83..1c9256b 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -54,7 +54,7 @@ jobs: egress-policy: audit - name: 'Checkout repository' - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 # avoid shallow clone so nbgv can do its work. diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index f3ab11f..05a08a6 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -19,7 +19,7 @@ jobs: egress-policy: audit - name: 'Checkout Repository' - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: 'Dependency Review' uses: actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019 # v4.5.0 diff --git a/.github/workflows/devskim.yml b/.github/workflows/devskim.yml index 3e31856..ae7b0a8 100644 --- a/.github/workflows/devskim.yml +++ b/.github/workflows/devskim.yml @@ -21,7 +21,7 @@ jobs: uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0 with: egress-policy: audit - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: microsoft/DevSkim-Action@v1 - uses: github/codeql-action/upload-sarif@v3 with: diff --git a/.github/workflows/generate-publish-docs.yml b/.github/workflows/generate-publish-docs.yml index 971a58e..14dc3ff 100644 --- a/.github/workflows/generate-publish-docs.yml +++ b/.github/workflows/generate-publish-docs.yml @@ -35,7 +35,7 @@ jobs: egress-policy: audit - name: 'Checkout' - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 # avoid shallow clone so nbgv can do its work. diff --git a/.github/workflows/markdown-link-check.yml b/.github/workflows/markdown-link-check.yml index 0eec6ce..0acff43 100644 --- a/.github/workflows/markdown-link-check.yml +++ b/.github/workflows/markdown-link-check.yml @@ -28,7 +28,7 @@ jobs: egress-policy: audit - name: 'Checkout Repository' - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: 'Check for dead links in markdown files' uses: gaurav-nelson/github-action-markdown-link-check@1b916f2cf6c36510a6059943104e3c42ce6c16bc # 1.0.16