diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 1d0414e2b8..b8fdf7f5df 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -26,7 +26,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@v7 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/deployFreighterApiBeta.yml b/.github/workflows/deployFreighterApiBeta.yml index d92dfd7d25..202b7f0764 100644 --- a/.github/workflows/deployFreighterApiBeta.yml +++ b/.github/workflows/deployFreighterApiBeta.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: ref: release/${{ github.event.inputs.release }} fetch-depth: 0 @@ -41,7 +41,7 @@ jobs: env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - name: Slack Notification - uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661 #v2.3.3 + uses: rtCamp/action-slack-notify@33ca3be66c6f378fe1610fd1d5258632dbed5e58 #v2.4.0 env: MSG_MINIMAL: true SLACK_CHANNEL: team-wallet-eng diff --git a/.github/workflows/deployFreighterApiProduction.yml b/.github/workflows/deployFreighterApiProduction.yml index d695005080..625c75709b 100644 --- a/.github/workflows/deployFreighterApiProduction.yml +++ b/.github/workflows/deployFreighterApiProduction.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: fetch-depth: 0 - name: Enable Corepack @@ -38,13 +38,13 @@ jobs: env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - name: Create Pull Request - uses: peter-evans/create-pull-request@84ae59a2cdc2258d6fa0732dd66352dddae2a412 #v7.0.9 + uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 #v8.1.1 with: title: Bump @stellar/freighter-api version to ${{ github.event.inputs.version }} - name: Slack Notification - uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661 #v2.3.3 + uses: rtCamp/action-slack-notify@33ca3be66c6f378fe1610fd1d5258632dbed5e58 #v2.4.0 env: MSG_MINIMAL: true SLACK_CHANNEL: release diff --git a/.github/workflows/newRelease.yml b/.github/workflows/newRelease.yml index 357c4effa8..bef8eec811 100644 --- a/.github/workflows/newRelease.yml +++ b/.github/workflows/newRelease.yml @@ -52,7 +52,7 @@ jobs: echo "branch=${BRANCH}" >> $GITHUB_OUTPUT - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: fetch-depth: 0 fetch-tags: true @@ -197,7 +197,7 @@ jobs: - name: Open PR against release branch if: ${{ steps.commit_version_branch.outputs.has_changes == 'true' }} - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: APP_VERSION: ${{ steps.normalize_version.outputs.app_version }} RELEASE_BRANCH: ${{ steps.set_branches.outputs.release_branch }} @@ -296,7 +296,7 @@ jobs: if: inputs.branch == 'master' && steps.commit_and_push_bump_version.outputs.has_changes == 'true' - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: APP_VERSION: ${{ steps.normalize_version.outputs.app_version }} with: diff --git a/.github/workflows/prPreview.yml b/.github/workflows/prPreview.yml index 38c7262439..5c65a48e1e 100644 --- a/.github/workflows/prPreview.yml +++ b/.github/workflows/prPreview.yml @@ -75,7 +75,7 @@ jobs: exit 1 - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: # Default leaves a GITHUB_TOKEN auth header in .git/config for the # rest of the job. With contents:write granted, any subsequent diff --git a/.github/workflows/runIntegrationTests.yml b/.github/workflows/runIntegrationTests.yml index 2703e51333..55fd3c537f 100644 --- a/.github/workflows/runIntegrationTests.yml +++ b/.github/workflows/runIntegrationTests.yml @@ -21,7 +21,7 @@ jobs: run: | echo "Error: This workflow must be run from the master branch." exit 1 - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: fetch-depth: 1 - run: corepack enable @@ -35,7 +35,7 @@ jobs: - run: yarn build:extension - run: yarn test:ci - run: yarn test:e2e - - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 + - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: ${{ !cancelled() }} with: name: playwright-report diff --git a/.github/workflows/runTests.yml b/.github/workflows/runTests.yml index ae8de001b6..488bb3f2d9 100644 --- a/.github/workflows/runTests.yml +++ b/.github/workflows/runTests.yml @@ -14,7 +14,7 @@ jobs: timeout-minutes: 45 runs-on: macos-latest-xlarge steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: fetch-depth: 1 - run: corepack enable @@ -28,7 +28,7 @@ jobs: - run: yarn build:extension - run: yarn test:ci - run: yarn test:e2e - - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 + - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: ${{ !cancelled() }} with: name: playwright-report diff --git a/.github/workflows/socket-scan.yml b/.github/workflows/socket-scan.yml index f74d746d9b..cba4f14bd2 100644 --- a/.github/workflows/socket-scan.yml +++ b/.github/workflows/socket-scan.yml @@ -43,8 +43,8 @@ jobs: socket-scan: runs-on: ubuntu-latest steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - - uses: ruby/setup-ruby@12fd324f1d0b43274fdc8130f6980590a667c455 # v1.312.0 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 + - uses: ruby/setup-ruby@9eb537ca036ebaed86729dcb9309076e4c5c3b74 # v1.314.0 with: ruby-version: "3.4.9" - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 diff --git a/.github/workflows/submitBeta.yml b/.github/workflows/submitBeta.yml index 63e56e7332..6a82e09380 100644 --- a/.github/workflows/submitBeta.yml +++ b/.github/workflows/submitBeta.yml @@ -34,7 +34,7 @@ jobs: gh run cancel ${{ github.run_id }} gh run watch ${{ github.run_id }} - name: Checkout code - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: ref: ${{ github.event.inputs.ref_name != '' && @@ -154,7 +154,7 @@ jobs: publish: true publish-target: trustedTesters - name: Slack Notification - uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661 #v2.3.3 + uses: rtCamp/action-slack-notify@33ca3be66c6f378fe1610fd1d5258632dbed5e58 #v2.4.0 env: MSG_MINIMAL: true SLACK_CHANNEL: team-wallet-eng diff --git a/.github/workflows/submitProduction.yml b/.github/workflows/submitProduction.yml index 9859758eee..b03a34f8c7 100644 --- a/.github/workflows/submitProduction.yml +++ b/.github/workflows/submitProduction.yml @@ -44,7 +44,7 @@ jobs: exit 1 fi - name: Checkout code - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: ref: ${{ github.event.inputs.ref_name != '' && @@ -105,12 +105,12 @@ jobs: commitish: ${{ steps.checkout_sha.outputs.sha }} - name: Build for Firefox id: web-ext-build - uses: kewisch/action-web-ext@fe10addf5d5e5ba6b78ffde720dd488a27d10e8c #v1 + uses: kewisch/action-web-ext@84a13bb9e1b6108c43788ba091c41ca1dba6ad45 #v2.0 with: cmd: build source: ./extension/build - name: Submit extension to Firefox - uses: kewisch/action-web-ext@fe10addf5d5e5ba6b78ffde720dd488a27d10e8c #v1 + uses: kewisch/action-web-ext@84a13bb9e1b6108c43788ba091c41ca1dba6ad45 #v2.0 with: cmd: sign source: ${{ steps.web-ext-build.outputs.target }} @@ -127,7 +127,7 @@ jobs: run: zip -qq -r ./build_chrome.zip * working-directory: ./extension/build - name: Submit extension to Chrome - uses: mnao305/chrome-extension-upload@4008e29e13c144d0f6725462cbd49b7c291b4928 #v5.0.0 + uses: mnao305/chrome-extension-upload@fdfe79400af990f5145a319e834aee64907ccff4 #v6.0.0 with: file-path: ./extension/build/build_chrome.zip extension-id: "bcacfldlkkdogcmkkibnjlakofdplcbk" @@ -153,7 +153,7 @@ jobs: asset_name: build-${{ steps.package_version.outputs.version }}.zip asset_content_type: application/zip - name: Slack Notification - uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661 #v2.3.3 + uses: rtCamp/action-slack-notify@33ca3be66c6f378fe1610fd1d5258632dbed5e58 #v2.4.0 env: MSG_MINIMAL: true SLACK_CHANNEL: release diff --git a/.github/workflows/submitSafari.yml b/.github/workflows/submitSafari.yml index aa9139e3ed..a0e7add5fd 100644 --- a/.github/workflows/submitSafari.yml +++ b/.github/workflows/submitSafari.yml @@ -15,7 +15,7 @@ jobs: steps: - uses: maxim-lobanov/setup-xcode@v1 - name: Checkout code - uses: actions/checkout@v6 + uses: actions/checkout@v7 - name: Update package.json version uses: jossef/action-set-json-field@2a0f7d953b580b828717daf4de7fafc7e4135e97 #v2 with: @@ -70,7 +70,7 @@ jobs: xcrun safari-web-extension-converter ./extension/build --project-location $GYM_PROJECT --macos-only - name: Set up ruby env - uses: ruby/setup-ruby@v1.268.0 + uses: ruby/setup-ruby@v1.314.0 with: ruby-version: 2.6.10 bundler-cache: true diff --git a/.github/workflows/testSlack.yml b/.github/workflows/testSlack.yml index 0128ad6446..b244b9001e 100644 --- a/.github/workflows/testSlack.yml +++ b/.github/workflows/testSlack.yml @@ -7,7 +7,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Slack Notification - uses: rtCamp/action-slack-notify@07cbdbfd6c6190970778d8f98f11d073b2932aae #v2.3.3 + uses: rtCamp/action-slack-notify@33ca3be66c6f378fe1610fd1d5258632dbed5e58 #v2.3.3 env: MSG_MINIMAL: true SLACK_CHANNEL: team-wallet-eng