Merge branch 'main' into renovate/actions-stale-9.x

anolilab · Jan 1, 2024 · 5ae2d0c · 5ae2d0c
2 parents 582d694 + 9cc2102
commit 5ae2d0c
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 7 deletions.
diff --git a/.github/workflows/bundle-analysis.yml b/.github/workflows/bundle-analysis.yml
@@ -106,13 +106,13 @@ jobs:
               run: "cd examples/nextra && npx -p nextjs-bundle-analysis@0.5.0 report"
 
             - name: "Upload Bundle"
-              uses: "actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce" # v3.1.2
+              uses: "actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392" # v4.0.0
               with:
                   name: "bundle"
                   path: "examples/nextra/.next/analyze/__bundle_analysis.json"
 
             - name: "Download Base Branch Bundle Stats"
-              uses: "dawidd6/action-download-artifact@246dbf436b23d7c49e21a7ab8204ca9ecd1fe615" # v2.27.0
+              uses: "dawidd6/action-download-artifact@e7466d1a7587ed14867642c2ca74b5bcc1e19a2d" # v3.0.0
               if: "success() && github.event.number"
               with:
                   workflow: "nextjs-bundle-analysis.yml"

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -52,7 +52,7 @@ jobs:
 
             # Initializes the CodeQL tools for scanning.
             - name: "Initialize CodeQL"
-              uses: "github/codeql-action/init@00e563ead9f72a8461b24876bee2d0c2e8bd2ee8" # v2.21.5
+              uses: "github/codeql-action/init@012739e5082ff0c22ca6d6ab32e07c36df03c4a4" # v3.22.12
               with:
                   languages: "${{ matrix.language }}"
                   # If you wish to specify custom queries, you can do so here or in a config file.
@@ -62,7 +62,7 @@ jobs:
             # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
             # If this step fails, then you should remove it and run the build manually (see below)
             - name: "Autobuild"
-              uses: "github/codeql-action/autobuild@00e563ead9f72a8461b24876bee2d0c2e8bd2ee8" # v2.21.5
+              uses: "github/codeql-action/autobuild@012739e5082ff0c22ca6d6ab32e07c36df03c4a4" # v3.22.12
 
             # ℹ️ Command-line programs to run using the OS shell.
             # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -75,6 +75,6 @@ jobs:
             #   ./location_of_script_within_repo/buildscript.sh
 
             - name: "Perform CodeQL Analysis"
-              uses: "github/codeql-action/analyze@00e563ead9f72a8461b24876bee2d0c2e8bd2ee8" # v2.21.5
+              uses: "github/codeql-action/analyze@012739e5082ff0c22ca6d6ab32e07c36df03c4a4" # v3.22.12
               with:
                   category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -65,14 +65,14 @@ jobs:
             # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
             # format to the repository Actions tab.
             - name: "Upload artifact"
-              uses: "actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce" # v3.1.2
+              uses: "actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392" # v4.0.0
               with:
                   name: "SARIF file"
                   path: "results.sarif"
                   retention-days: 5
 
             # Upload the results to GitHub's code scanning dashboard.
             - name: "Upload to code-scanning"
-              uses: "github/codeql-action/upload-sarif@00e563ead9f72a8461b24876bee2d0c2e8bd2ee8" # v2.21.5
+              uses: "github/codeql-action/upload-sarif@012739e5082ff0c22ca6d6ab32e07c36df03c4a4" # v3.22.12
               with:
                   sarif_file: "results.sarif"