diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 04fa51cfe..5df2185ed 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -23,7 +23,7 @@ jobs: name: Lint & Test Build if: github.event_name == 'pull_request' runs-on: ubuntu-24.04 - container: node:22.20.0-alpine3.22@sha256:cb3143549582cc5f74f26f0992cdef4a422b22128cb517f94173a5f910fa4ee7 + container: node:22.20.0-alpine3.22@sha256:dbcedd8aeab47fbc0f4dd4bffa55b7c3c729a707875968d467aaaea42d6225af steps: - name: Checkout uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 @@ -31,7 +31,7 @@ jobs: persist-credentials: false - name: Pnpm Setup - uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0 + uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0 - name: Get pnpm store directory shell: sh diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 199b830df..55a3485db 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -42,15 +42,15 @@ jobs: persist-credentials: false - name: Initialize CodeQL - uses: github/codeql-action/init@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6 + uses: github/codeql-action/init@a8d1ac45b9a34d11fe398d5503176af0d06b303e # v3.30.7 with: languages: ${{ matrix.language }} queries: +security-and-quality - name: Autobuild - uses: github/codeql-action/autobuild@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6 + uses: github/codeql-action/autobuild@a8d1ac45b9a34d11fe398d5503176af0d06b303e # v3.30.7 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6 + uses: github/codeql-action/analyze@a8d1ac45b9a34d11fe398d5503176af0d06b303e # v3.30.7 with: category: '/language:${{ matrix.language }}' diff --git a/.github/workflows/cypress.yml b/.github/workflows/cypress.yml index 76ffa2151..7c88b96b9 100644 --- a/.github/workflows/cypress.yml +++ b/.github/workflows/cypress.yml @@ -48,7 +48,7 @@ jobs: package-manager-cache: false - name: Pnpm Setup - uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0 + uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0 - name: Install dependencies run: pnpm install --frozen-lockfile diff --git a/.github/workflows/docs-deploy.yml b/.github/workflows/docs-deploy.yml index fc98ab793..4d072e4a4 100644 --- a/.github/workflows/docs-deploy.yml +++ b/.github/workflows/docs-deploy.yml @@ -34,7 +34,7 @@ jobs: package-manager-cache: false - name: Pnpm Setup - uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0 + uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0 - name: Get pnpm store directory shell: sh diff --git a/.github/workflows/test-docs-deploy.yml b/.github/workflows/test-docs-deploy.yml index 1fb49859d..040f7db0c 100644 --- a/.github/workflows/test-docs-deploy.yml +++ b/.github/workflows/test-docs-deploy.yml @@ -36,7 +36,7 @@ jobs: package-manager-cache: false - name: Pnpm Setup - uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0 + uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0 - name: Get pnpm store directory shell: sh diff --git a/.github/workflows/trivy-scan.yml b/.github/workflows/trivy-scan.yml index 008c64862..61d9427ab 100644 --- a/.github/workflows/trivy-scan.yml +++ b/.github/workflows/trivy-scan.yml @@ -56,6 +56,6 @@ jobs: ignore-unfixed: true - name: Upload SARIF to code scanning - uses: github/codeql-action/upload-sarif@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6 + uses: github/codeql-action/upload-sarif@a8d1ac45b9a34d11fe398d5503176af0d06b303e # v3.30.7 with: sarif_file: trivy.sarif