diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 78581ceb..5d2f1425 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -69,7 +69,7 @@ jobs: fetch-depth: 0 - name: "🟨 Use clang-format" - uses: DoozyX/clang-format-lint-action@v0.17 + uses: DoozyX/clang-format-lint-action@v0.18 with: source: "." exclude: "./third_party ./external" @@ -277,7 +277,7 @@ jobs: gcovr -j ${{env.nproc}} --delete --root ../ --print-summary --xml-pretty --xml coverage.xml - name: "Publish to codecov" - uses: codecov/codecov-action@v3 + uses: codecov/codecov-action@v5 with: flags: ${{ runner.os }} name: ${{ runner.os }}-coverage @@ -705,7 +705,7 @@ jobs: - name: "Build Releasenotes" id: github_releasenotes - uses: release-drafter/release-drafter@v5.25.0 + uses: release-drafter/release-drafter@v6.0.0 with: publish: "${{ steps.check-version.outputs.tag != '' }}" tag: "${{ steps.check-version.outputs.tag }}" @@ -719,12 +719,12 @@ jobs: steps: - name: Build Changelog id: github_release - uses: mikepenz/release-changelog-builder-action@v4 + uses: mikepenz/release-changelog-builder-action@v5 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Create Release - uses: mikepenz/action-gh-release@v0.2.0-a03 #softprops/action-gh-release + uses: mikepenz/action-gh-release@v1 #softprops/action-gh-release with: body: ${{steps.github_release.outputs.changelog}} diff --git a/.github/workflows/codacy-analysis.yml b/.github/workflows/codacy-analysis.yml index dc994962..62f13e79 100644 --- a/.github/workflows/codacy-analysis.yml +++ b/.github/workflows/codacy-analysis.yml @@ -44,11 +44,11 @@ jobs: steps: # Checkout the repository to the GitHub Actions runner - name: 🧰 Checkout Source Code - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb # v4.1.5 # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis - name: Run Codacy Analysis CLI - uses: codacy/codacy-analysis-cli-action@3ff8e64eb4b714c4bee91b7b4eea31c6fc2c4f93 # v4.3.0 + uses: codacy/codacy-analysis-cli-action@97bf5df3c09e75f5bcd72695998f96ebd701846e # v4.3.0 with: # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository # You can also omit the token and run the tools that support default configurations @@ -64,6 +64,6 @@ jobs: # Upload the SARIF file generated in the previous step - name: 📤 Upload SARIF results file - uses: github/codeql-action/upload-sarif@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # v3.25.5 + uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 with: sarif_file: codeql-results.sarif \ No newline at end of file diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 1668d1c7..a28a70a2 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -104,7 +104,7 @@ jobs: steps: - name: "🧰 Checkout Source Code" - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb # v4.1.1 - name: "🧰 Setup Cache-ID with date for unix-like systems" if: matrix.language == 'cpp' @@ -169,7 +169,7 @@ jobs: - name: "🧰 Install Qt Version ${{ env.QT_VERSION }}" if: matrix.language == 'cpp' - uses: jurplel/install-qt-action@v3 + uses: jurplel/install-qt-action@v4 with: version: ${{ env.QT_VERSION }} host: ${{ matrix.QT_HOST}} @@ -228,7 +228,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -253,4 +253,4 @@ jobs: uses: github/codeql-action/autobuild@v3 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/commitlint.yml b/.github/workflows/commitlint.yml index 512ebf5d..e005cf6c 100644 --- a/.github/workflows/commitlint.yml +++ b/.github/workflows/commitlint.yml @@ -22,7 +22,7 @@ jobs: steps: - name: 🧰 Checkout Source Code - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb # v4.1.5 - name: Check the commits - uses: wagoid/commitlint-github-action@7f0a61df502599e1f1f50880aaa7ec1e2c0592f2 # v6.0.1 + uses: wagoid/commitlint-github-action@3d28780bbf0365e29b144e272b2121204d5be5f3 # v6.1.2 diff --git a/.github/workflows/defender-for-devops.yml b/.github/workflows/defender-for-devops.yml index 66821d0e..3f37e13e 100644 --- a/.github/workflows/defender-for-devops.yml +++ b/.github/workflows/defender-for-devops.yml @@ -39,7 +39,7 @@ jobs: 5.0.x 6.0.x - name: Run Microsoft Security DevOps - uses: microsoft/security-devops-action@v1.10.0 + uses: microsoft/security-devops-action@v1.12.0 id: msdo - name: Upload results to Security tab uses: github/codeql-action/upload-sarif@v3 diff --git a/.github/workflows/dependabot-merge.yml b/.github/workflows/dependabot-merge.yml index 0931e14e..6d55a2f2 100644 --- a/.github/workflows/dependabot-merge.yml +++ b/.github/workflows/dependabot-merge.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Dependabot metadata id: metadata - uses: dependabot/fetch-metadata@5e5f99653a5b510e8555840e80cbf1514ad4af38 # v2.1.0 + uses: dependabot/fetch-metadata@dbb049abf0d677abbd7f7eee0375145b417fdd34 # v2.2.0 with: github-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 3862c321..d57a7865 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -30,9 +30,9 @@ jobs: contents: write steps: - name: 🧰 Checkout Source Code - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb # v4.1.5 - name: Dependency Review Action - uses: actions/dependency-review-action@0c155c5e8556a497adf53f2c18edabf945ed8e70 # v4.3.2 + uses: actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019 # v4.5.0 # Commonly enabled options, see https://github.com/actions/dependency-review-action#configuration-options for all available options. with: comment-summary-in-pr: always diff --git a/.github/workflows/devskim-analysis.yml b/.github/workflows/devskim-analysis.yml index abfe0e70..2236c200 100644 --- a/.github/workflows/devskim-analysis.yml +++ b/.github/workflows/devskim-analysis.yml @@ -31,11 +31,11 @@ jobs: security-events: write steps: - name: 🧰 Checkout Source Code - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb # v4.1.7 - name: Run DevSkim scanner uses: microsoft/DevSkim-Action@914fa647b406c387000300b2f09bb28691be2b6d # v1.0.14 # Upload the results to GitHub's code scanning dashboard. - name: Upload to code-scanning - uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 + uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 with: sarif_file: devskim-results.sarif diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 102a92b1..74f9995a 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -79,7 +79,7 @@ jobs: # https://github.com/docker/build-push-action - name: Build and push Docker image id: build-and-push - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: context: .devcontainer push: ${{ github.event_name != 'pull_request' }} diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml index 43ba50d9..6ee3906f 100644 --- a/.github/workflows/labeler.yml +++ b/.github/workflows/labeler.yml @@ -30,7 +30,7 @@ jobs: pull-requests: write steps: - name: Update PRs with conflict labels - uses: eps1lon/actions-label-merge-conflict@6d74047dcef155976a15e4a124dde2c7fe0c5522 # v3.0.1 + uses: eps1lon/actions-label-merge-conflict@1b1b1fcde06a9b3d089f3464c96417961dde1168 # v3.0.2 with: dirtyLabel: conflicts # removeOnDirtyLabel: "PR: ready to ship" @@ -44,7 +44,7 @@ jobs: pull-requests: write runs-on: ubuntu-latest steps: - - uses: codelytv/pr-size-labeler@56f6f0fc35c7cc0f72963b8467729e1120cb4bed # v1.10.0 + - uses: codelytv/pr-size-labeler@1c3422395d899286d5ee2c809fd5aed264d5eb9b # v1.10.2 with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} xs_label: size/xs diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml index 5ff46b83..45f8251d 100644 --- a/.github/workflows/mega-linter.yml +++ b/.github/workflows/mega-linter.yml @@ -47,7 +47,7 @@ jobs: steps: # Git Checkout - name: 🧰 Checkout Source Code - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb # v4.1.7 with: token: ${{ secrets.GITHUB_TOKEN }} fetch-depth: 0 # If you use VALIDATE_ALL_CODEBASE = true, you can remove this line to improve performances @@ -56,7 +56,7 @@ jobs: id: ml # You can override MegaLinter flavor used to have faster performances # More info at https://megalinter.io/flavors/ - uses: oxsecurity/megalinter@bacb5f8674e3730b904ca4d20c8bd477bc51b1a7 # v7.13.0 + uses: oxsecurity/megalinter@1fc052d03c7a43c78fe0fee19c9d648b749e0c01 # v8.3.0 # All available variables are described in documentation # https://megalinter.io/configuration/ env: @@ -115,7 +115,7 @@ jobs: - name: Create Pull Request with applied fixes id: cpr if: env.APPLY_FIXES_IF_PR == 'true' - uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0 + uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5 with: token: ${{ secrets.GITHUB_TOKEN }} commit-message: "[MegaLinter] Apply linters automatic fixes" diff --git a/.github/workflows/pages-astro.yml b/.github/workflows/pages-astro.yml index 3db6e925..5174ede2 100644 --- a/.github/workflows/pages-astro.yml +++ b/.github/workflows/pages-astro.yml @@ -30,9 +30,9 @@ jobs: if: (github.actor != 'dependabot[bot]') steps: - name: 🧰 Checkout Source Code - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb # v4.1.5 - name: Build and Upload Site - uses: withastro/action@acfe56dffc635abfb9506c77d51ce097030360d1 # v2.0.0 + uses: withastro/action@44cbafd43567733e3b007918c6e0711480560516 # v3.0.0 with: path: ./docs # The root location of your Astro project inside the diff --git a/.github/workflows/pages.yml b/.github/workflows/pages.yml index 0130a810..37cd5de5 100644 --- a/.github/workflows/pages.yml +++ b/.github/workflows/pages.yml @@ -33,7 +33,7 @@ jobs: fetch-depth: 0 - name: Setup Pages - uses: actions/configure-pages@v4.0.0 + uses: actions/configure-pages@v5.0.0 - name: Build with Jekyll uses: actions/jekyll-build-pages@v1 with: diff --git a/.github/workflows/pr-lint.yaml b/.github/workflows/pr-lint.yaml index ddcade8c..21d955bd 100644 --- a/.github/workflows/pr-lint.yaml +++ b/.github/workflows/pr-lint.yaml @@ -28,7 +28,7 @@ jobs: steps: - name: 🧰 Checkout Source Code‚ - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb # v4.1.5 - name: Lint pull request title uses: matthiashermsen/lint-pull-request-title@49458c35f9eeaaad64abfb7b1def719350b6a755 # v1.0.0 diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml index eee1f4b1..38026179 100644 --- a/.github/workflows/release-drafter.yml +++ b/.github/workflows/release-drafter.yml @@ -41,7 +41,7 @@ jobs: # Drafts your next Release notes as Pull Requests are merged # into "master" - name: Release Drafter - uses: release-drafter/release-drafter@3f0f87098bd6b5c5b9a36d49c41d998ea58f9348 # v6.0.0 + uses: release-drafter/release-drafter@26a6398e9170d2437a972b9d8598327210d97430 # v6.0.0 # (Optional) specify config name to use, relative to .github/. # Default: release-drafter.yml # with: diff --git a/.github/workflows/reuse-check.yml b/.github/workflows/reuse-check.yml index 624c3472..d52ab2bc 100644 --- a/.github/workflows/reuse-check.yml +++ b/.github/workflows/reuse-check.yml @@ -31,10 +31,10 @@ jobs: steps: - name: 🧰 Checkout Source Code - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb # v4.1.5 with: # Full git history is needed to get a proper list of changed files within `super-linter` fetch-depth: 0 - name: REUSE Compliance Check - uses: fsfe/reuse-action@a46482ca367aef4454a87620aa37c2be4b2f8106 # v3.0.0 + uses: fsfe/reuse-action@bb774aa972c2a89ff34781233d275075cbddf542 # v5.0.0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 08a57f93..ab0d4c93 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -38,10 +38,10 @@ jobs: steps: - name: 🧰 Checkout Source Code - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb # v4.1.5 - name: Run analysis - uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3 + uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0 with: results_file: scorecard_results.sarif results_format: sarif @@ -56,6 +56,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: Upload to code-scanning - uses: github/codeql-action/upload-sarif@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # v3.25.5 + uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 with: sarif_file: scorecard_results.sarif diff --git a/.github/workflows/spelling.yml b/.github/workflows/spelling.yml index a7167aaa..043227e5 100644 --- a/.github/workflows/spelling.yml +++ b/.github/workflows/spelling.yml @@ -98,7 +98,7 @@ jobs: steps: - name: check-spelling id: spelling - uses: check-spelling/check-spelling@00c989c97749eb0cb2d256bdc55ac61b0096c6d3 # v0.0.22 + uses: check-spelling/check-spelling@67debf50669c7fc76fc8f5d7f996384535a72b77 # v0.0.24 with: suppress_push_for_open_pull_request: ${{ github.actor != 'dependabot[bot]' && 1 }} checkout: true @@ -122,7 +122,7 @@ jobs: if: (success() || failure()) && needs.spelling.outputs.followup && github.event_name == 'push' steps: - name: comment - uses: check-spelling/check-spelling@00c989c97749eb0cb2d256bdc55ac61b0096c6d3 # v0.0.22 + uses: check-spelling/check-spelling@67debf50669c7fc76fc8f5d7f996384535a72b77 # v0.0.24 with: checkout: true spell_check_this: check-spelling/spell-check-this@prerelease @@ -138,7 +138,7 @@ jobs: if: (success() || failure()) && needs.spelling.outputs.followup && contains(github.event_name, 'pull_request') steps: - name: comment - uses: check-spelling/check-spelling@00c989c97749eb0cb2d256bdc55ac61b0096c6d3 # v0.0.22 + uses: check-spelling/check-spelling@67debf50669c7fc76fc8f5d7f996384535a72b77 # v0.0.24 with: checkout: true spell_check_this: check-spelling/spell-check-this@prerelease @@ -157,7 +157,7 @@ jobs: cancel-in-progress: false steps: - name: apply spelling updates - uses: check-spelling/check-spelling@00c989c97749eb0cb2d256bdc55ac61b0096c6d3 # v0.0.22 + uses: check-spelling/check-spelling@67debf50669c7fc76fc8f5d7f996384535a72b77 # v0.0.24 with: experimental_apply_changes_via_bot: 1 checkout: true diff --git a/.github/workflows/styles.yml b/.github/workflows/styles.yml index 8b77a8d3..d9ce75a0 100644 --- a/.github/workflows/styles.yml +++ b/.github/workflows/styles.yml @@ -71,19 +71,19 @@ jobs: steps: - name: '🧰 Checkout Source Code' if: github.event_name == 'push' - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 ref: master - name: '🧰 Checkout Source Code' if: github.event_name == 'pull_request' - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 ref: ${{ github.event.pull_request.head.sha }} - - uses: actions/cache@v2 + - uses: actions/cache@v4 with: path: '**/src' key: ${{ github.workflow }}-src-${{ hashFiles('**/CMakeLists.txt', '**/*.cmake') @@ -101,13 +101,13 @@ jobs: - name: '⚙️ Cache Qt' id: cache-qt - uses: actions/cache@v1 # not v2! + uses: actions/cache@v4 # not v2! with: path: '${{ github.workspace }}/Qt' key: QtCache-${{ matrix.platform }}-{{ matrix.arch }}-${{ env.QT_VERSION }} - name: '⚙️ Install Qt' - uses: jurplel/install-qt-action@v2 + uses: jurplel/install-qt-action@v4 with: version: ${{ env.QT_VERSION }} target: ${{ env.QT_TARGET }} @@ -153,7 +153,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: SQL Check - uses: yokawasa/action-sqlcheck@v1.3.0 + uses: yokawasa/action-sqlcheck@v1.5.0 id: sqlcheck with: post-comment: true @@ -172,7 +172,7 @@ jobs: run: echo "Issues found in previous step" - name: Clang Format - uses: DoozyX/clang-format-lint-action@v0.13 + uses: DoozyX/clang-format-lint-action@v0.18 with: source: './src' clangFormatVersion: 12