diff --git a/.github/workflows/cifuzz.yml b/.github/workflows/cifuzz.yml index b93b8449..13d099d2 100644 --- a/.github/workflows/cifuzz.yml +++ b/.github/workflows/cifuzz.yml @@ -23,7 +23,7 @@ jobs: dry-run: false language: c++ - name: Upload Crash - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 if: failure() && steps.build.outcome == 'success' with: name: artifacts diff --git a/.github/workflows/cmake.yml b/.github/workflows/cmake.yml index 651a174a..5642a75b 100644 --- a/.github/workflows/cmake.yml +++ b/.github/workflows/cmake.yml @@ -26,8 +26,8 @@ jobs: contents: write # svenstaro/upload-release-action steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 with: python-version: '3.x' architecture: ${{matrix.arch}} @@ -67,13 +67,13 @@ jobs: python setup.py bdist_wheel - name: Upload artifcacts - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 with: path: ./build/*.7z - name: Upload Release Assets if: startsWith(github.ref, 'refs/tags/') - uses: svenstaro/upload-release-action@1beeb572c19a9242f4361f4cee78f8e0d9aec5df # v2.7.0 + uses: svenstaro/upload-release-action@04733e069f2d7f7f0b4aebc4fbdbce8613b03ccd # v2.9.0 with: repo_token: ${{ secrets.GITHUB_TOKEN }} file: ./build/*.7z diff --git a/.github/workflows/cross_build.yml b/.github/workflows/cross_build.yml index 17340ef1..bbf28d7c 100644 --- a/.github/workflows/cross_build.yml +++ b/.github/workflows/cross_build.yml @@ -20,7 +20,7 @@ jobs: arch: [ i686, arm, aarch64, riscv64, powerpc, powerpc64, powerpc64le, s390x, sparc64, m68k, sh4, alpha ] steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 - name: Install cross tools run: | diff --git a/.github/workflows/wheel.yml b/.github/workflows/wheel.yml index b9eebdfc..87d0fd65 100644 --- a/.github/workflows/wheel.yml +++ b/.github/workflows/wheel.yml @@ -27,8 +27,8 @@ jobs: contents: write # svenstaro/upload-release-action steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 with: python-version: "3.x" @@ -74,7 +74,7 @@ jobs: run: sh build_sdist.sh - name: Fetch sdist archive - uses: tj-actions/glob@ac7d983dd3677ab0879d703cfdbde78676cdfaad # v17.3.0 + uses: tj-actions/glob@2b2eb154193dc39d3012743ab3bf2c89e3aa6019 # v21.0.0 id: sdist with: files: ./python/dist/*.tar.gz @@ -88,7 +88,7 @@ jobs: run: cp -f dist/*.tar.gz wheelhouse/ - name: Upload artifact - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 with: path: | ./python/wheelhouse/*.whl @@ -96,7 +96,7 @@ jobs: - name: Upload wheel release if: startsWith(github.ref, 'refs/tags/') - uses: svenstaro/upload-release-action@1beeb572c19a9242f4361f4cee78f8e0d9aec5df # v2.7.0 + uses: svenstaro/upload-release-action@04733e069f2d7f7f0b4aebc4fbdbce8613b03ccd # v2.9.0 with: repo_token: ${{ secrets.GITHUB_TOKEN }} file: ./python/wheelhouse/* @@ -146,7 +146,7 @@ jobs: actions: read # To read the workflow path. id-token: write # To sign the provenance. contents: write # To add assets to a release. - uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.9.0 + uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.0.0 with: base64-subjects: "${{ needs.gather-disgests.outputs.digests }}" upload-assets: true # Optional: Upload to a new release