diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml index b88d441a8c..dd84fdbc3e 100644 --- a/.github/workflows/docker.yaml +++ b/.github/workflows/docker.yaml @@ -130,10 +130,10 @@ jobs: rm -rf InvenTree/_testfolder - name: Set up QEMU if: github.event_name != 'pull_request' - uses: docker/setup-qemu-action@4574d27a4764455b42196d70a065bc6853246a25 # pin@v3.4.0 + uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # pin@v3.6.0 - name: Set up Docker Buildx if: github.event_name != 'pull_request' - uses: docker/setup-buildx-action@f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca # pin@v3.9.0 + uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # pin@v3.10.0 - name: Set up cosign if: github.event_name != 'pull_request' uses: sigstore/cosign-installer@d7d6bc7722e3daa8354c50bcb52f4837da5e9b6a # pin@v3.8.1 @@ -163,7 +163,7 @@ jobs: - name: Extract Docker metadata if: github.event_name != 'pull_request' id: meta - uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # pin@v5.6.1 + uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804 # pin@v5.7.0 with: images: | inventree/inventree diff --git a/.github/workflows/qc_checks.yaml b/.github/workflows/qc_checks.yaml index 2fe06a6a40..c869b685a1 100644 --- a/.github/workflows/qc_checks.yaml +++ b/.github/workflows/qc_checks.yaml @@ -232,7 +232,7 @@ jobs: - name: Create artifact directory run: mkdir -p artifact - name: Download schema artifact - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # pin@v4.1.8 + uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # pin@v4.1.9 with: path: artifact merge-multiple: true @@ -338,7 +338,7 @@ jobs: - name: Coverage Tests run: invoke dev.test --coverage --translations - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@13ce06bfc6bbe3ecf90edbbf1bc32fe5978ca1d3 # pin@v5.3.1 + uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574 # pin@v5.4.0 if: always() with: token: ${{ secrets.CODECOV_TOKEN }} @@ -481,7 +481,7 @@ jobs: - name: Run Tests run: invoke dev.test --migrations --report --coverage --translations - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@13ce06bfc6bbe3ecf90edbbf1bc32fe5978ca1d3 # pin@v5.3.1 + uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574 # pin@v5.4.0 if: always() with: token: ${{ secrets.CODECOV_TOKEN }} @@ -613,7 +613,7 @@ jobs: if: always() run: cd src/frontend && npx nyc report --report-dir ./coverage --temp-dir .nyc_output --reporter=lcov --exclude-after-remap false - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@13ce06bfc6bbe3ecf90edbbf1bc32fe5978ca1d3 # pin@v5.3.1 + uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574 # pin@v5.4.0 if: always() with: token: ${{ secrets.CODECOV_TOKEN }} diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index aa5cf5de75..1655b8e098 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -69,7 +69,7 @@ jobs: zip -r ../frontend-build.zip * .vite - name: Attest Build Provenance id: attest - uses: actions/attest-build-provenance@520d128f165991a6c774bcb264f323e3d70747f4 # pin@v1 + uses: actions/attest-build-provenance@bd77c077858b8d561b7a36cbe48ef4cc642ca39d # pin@v1 with: subject-path: "${{ github.workspace }}/src/backend/InvenTree/web/static/frontend-build.zip"