diff --git a/.github/workflows/analyze.yml b/.github/workflows/analyze.yml index 88b8fc3..2db153a 100644 --- a/.github/workflows/analyze.yml +++ b/.github/workflows/analyze.yml @@ -23,7 +23,7 @@ jobs: runs-on: 'ubuntu-latest' steps: - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of sonar analysis @@ -57,7 +57,7 @@ jobs: runs-on: 'ubuntu-latest' steps: - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 with: # We must fetch at least the immediate parents so that if this is a pull request then we can check out the head. fetch-depth: 2 diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 62006ce..3b5d66c 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -20,7 +20,7 @@ jobs: java: ['8', '11', '17', '21'] steps: - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Set up Java ${{ matrix.java }} uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4.2.1 diff --git a/CHANGELOG.md b/CHANGELOG.md index 5050634..7772959 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -19,5 +19,6 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). - Bump com.google.guava:guava from 32.1.3 to 33.1.0 (#378, #390). - Bump actions/setup-java from 3.13.0 to 4.2.1 (#374, #389). - Bump actions/cache from 3.3.2 to 4.0.1 (#381, #385). +- Bump actions/checkout from 4.1.1 to 4.1.2 (#387). ### Thanks