diff --git a/.github/workflows/build-swift.yml b/.github/workflows/build-swift.yml index 92be9a456..4d0293dd1 100644 --- a/.github/workflows/build-swift.yml +++ b/.github/workflows/build-swift.yml @@ -16,7 +16,7 @@ jobs: package_version: ${{ steps.retrieve-version.outputs.package_version }} steps: - name: Checkout repo - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Get Package Version id: retrieve-version @@ -32,7 +32,7 @@ jobs: _VERSION: ${{ needs.version.outputs.package_version }} steps: - name: Checkout repo - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Install rust uses: dtolnay/rust-toolchain@bb45937a053e097f8591208d8e74c90db1873d07 # stable @@ -40,7 +40,7 @@ jobs: toolchain: stable - name: Cache cargo registry - uses: Swatinem/rust-cache@a95ba195448af2da9b00fb742d14ffaaf3c21f43 # v2.7.0 + uses: Swatinem/rust-cache@23bce251a8cd2ffc3c1075eaa2367cf899916d84 # v2.7.3 with: key: sdk-swift-cargo diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index c5d530b6b..761c564cd 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -45,7 +45,7 @@ jobs: RUSTFLAGS: "-D warnings" - name: Upload Clippy results to GitHub - uses: github/codeql-action/upload-sarif@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0 + uses: github/codeql-action/upload-sarif@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # v3.26.5 with: sarif_file: clippy_result.sarif diff --git a/.github/workflows/release-swift.yml b/.github/workflows/release-swift.yml index 954480365..da1f870cf 100644 --- a/.github/workflows/release-swift.yml +++ b/.github/workflows/release-swift.yml @@ -38,7 +38,7 @@ jobs: swift_checksum: ${{ steps.calculate-swift-checksum.outputs.checksum }} steps: - name: Checkout repo - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Get version id: version @@ -109,7 +109,7 @@ jobs: _SWIFT_CHECKSUM: ${{ needs.validate.outputs.swift_checksum }} steps: - name: Checkout SDK repo - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: path: sdk @@ -123,14 +123,14 @@ jobs: fi - name: Checkout SDK-Swift repo - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: repository: bitwarden/sdk-swift path: sdk-swift ref: ${{ steps.get-ref.outputs.ref }} - name: Login to Azure - Prod Subscription - uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 + uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0 with: creds: ${{ secrets.AZURE_CI_SERVICE_PRINCIPAL }} @@ -189,7 +189,7 @@ jobs: _BUILD_RUN_ID: ${{ needs.validate.outputs.run_id }} steps: - name: Login to Azure - Prod Subscription - uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 + uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0 with: creds: ${{ secrets.AZURE_CI_SERVICE_PRINCIPAL }} @@ -210,7 +210,7 @@ jobs: run_id: ${{ env._BUILD_RUN_ID }} - name: Create release - uses: ncipollo/release-action@6c75be85e571768fa31b40abf38de58ba0397db5 # v1.13.0 + uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5 # v1.14.0 with: tag: v${{ env._RELEASE_NAME }} name: v${{ env._RELEASE_NAME }} diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml index aecb18356..2df3b61b7 100644 --- a/.github/workflows/scan.yml +++ b/.github/workflows/scan.yml @@ -46,7 +46,7 @@ jobs: --output-path . ${{ env.INCREMENTAL }} - name: Upload Checkmarx results to GitHub - uses: github/codeql-action/upload-sarif@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0 + uses: github/codeql-action/upload-sarif@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # v3.26.5 with: sarif_file: cx_result.sarif