diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index aff8476..716446d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -22,7 +22,7 @@ jobs: name: Core Sanity + Static Gates runs-on: ubuntu-latest steps: - - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 - name: Setup pnpm uses: pnpm/action-setup@c5ba7f7862a0f64c1b1a05fbac13e0b8e86ba08c @@ -46,7 +46,7 @@ jobs: name: Frontend Unit + Coverage runs-on: ubuntu-latest steps: - - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 - name: Setup pnpm uses: pnpm/action-setup@c5ba7f7862a0f64c1b1a05fbac13e0b8e86ba08c @@ -81,7 +81,7 @@ jobs: name: UI Smoke + Visual + A11y + Responsive runs-on: ubuntu-latest steps: - - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 - name: Setup pnpm uses: pnpm/action-setup@c5ba7f7862a0f64c1b1a05fbac13e0b8e86ba08c @@ -119,7 +119,7 @@ jobs: name: Rust Backend + Security Health runs-on: macos-latest steps: - - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 - name: Setup pnpm uses: pnpm/action-setup@c5ba7f7862a0f64c1b1a05fbac13e0b8e86ba08c @@ -183,7 +183,7 @@ jobs: ASSISTSUPPORT_DB_PASSWORD: assistsupport_ci ASSISTSUPPORT_DB_NAME: assistsupport_ci steps: - - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 - name: Setup pnpm uses: pnpm/action-setup@c5ba7f7862a0f64c1b1a05fbac13e0b8e86ba08c @@ -245,7 +245,7 @@ jobs: name: Dependency Security Audit runs-on: ubuntu-latest steps: - - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 - name: Setup pnpm uses: pnpm/action-setup@c5ba7f7862a0f64c1b1a05fbac13e0b8e86ba08c @@ -301,7 +301,7 @@ jobs: - security-audit runs-on: macos-latest steps: - - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 - name: Install system dependencies run: brew install protobuf pkgconf cmake diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 355bf0b..09aa445 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -33,7 +33,7 @@ jobs: build-mode: none steps: - name: Checkout - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 - name: Setup Node.js if: matrix.language == 'javascript-typescript' diff --git a/.github/workflows/dependency-watch.yml b/.github/workflows/dependency-watch.yml index 62be527..3bed37e 100644 --- a/.github/workflows/dependency-watch.yml +++ b/.github/workflows/dependency-watch.yml @@ -14,7 +14,7 @@ jobs: name: Weekly Dependency and Advisory Check runs-on: ubuntu-latest steps: - - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 - name: Setup pnpm uses: pnpm/action-setup@c5ba7f7862a0f64c1b1a05fbac13e0b8e86ba08c diff --git a/.github/workflows/git-hygiene.yml b/.github/workflows/git-hygiene.yml index 0fdfaf7..2aa39fc 100644 --- a/.github/workflows/git-hygiene.yml +++ b/.github/workflows/git-hygiene.yml @@ -13,7 +13,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 with: fetch-depth: 0 - uses: wagoid/commitlint-github-action@b948419dd99f3fd78a6548d48f94e3df7f6bf3ed @@ -32,5 +32,5 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 - run: bash scripts/git/guard-branch.sh diff --git a/.github/workflows/lockfile-rationale.yml b/.github/workflows/lockfile-rationale.yml index 454d73a..4947e70 100644 --- a/.github/workflows/lockfile-rationale.yml +++ b/.github/workflows/lockfile-rationale.yml @@ -12,7 +12,7 @@ jobs: contents: read pull-requests: read steps: - - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 - uses: tj-actions/changed-files@9426d40962ed5378910ee2e21d5f8c6fcbf2dd96 id: changed - uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 diff --git a/.github/workflows/osv-scan.yml b/.github/workflows/osv-scan.yml index 8b3c2f5..f7abac3 100644 --- a/.github/workflows/osv-scan.yml +++ b/.github/workflows/osv-scan.yml @@ -21,7 +21,7 @@ jobs: timeout-minutes: 15 steps: - name: Checkout - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 - name: Run OSV-Scanner # Advisory-only: reports SARIF but does not fail the job. The diff --git a/.github/workflows/quality-gates.yml b/.github/workflows/quality-gates.yml index f232e30..7d6f002 100644 --- a/.github/workflows/quality-gates.yml +++ b/.github/workflows/quality-gates.yml @@ -13,7 +13,7 @@ jobs: name: quality-gates runs-on: ubuntu-latest steps: - - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 with: fetch-depth: 0 diff --git a/.github/workflows/sbom.yml b/.github/workflows/sbom.yml index d4a01d8..20a7ca6 100644 --- a/.github/workflows/sbom.yml +++ b/.github/workflows/sbom.yml @@ -15,7 +15,7 @@ jobs: timeout-minutes: 30 steps: - name: Checkout - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 - name: Setup pnpm uses: pnpm/action-setup@c5ba7f7862a0f64c1b1a05fbac13e0b8e86ba08c