diff --git a/.github/workflows/CreateBuildTag.yaml b/.github/workflows/CreateBuildTag.yaml index 53982ee27e..692fa9f34a 100644 --- a/.github/workflows/CreateBuildTag.yaml +++ b/.github/workflows/CreateBuildTag.yaml @@ -18,7 +18,7 @@ jobs: contents: write steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Get Build Version id: GetBuildVersion diff --git a/.github/workflows/MSDO.yml b/.github/workflows/MSDO.yml index 7e64a8ab18..f4a4a00235 100644 --- a/.github/workflows/MSDO.yml +++ b/.github/workflows/MSDO.yml @@ -17,16 +17,16 @@ jobs: security-events: write # This is required to upload SARIF files steps: - name: Checkout repository - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Run Credential Scanning - uses: microsoft/security-devops-action@cc007d020261b84193ccd49fa298eb8ba2408893 # v1.11.0 + uses: microsoft/security-devops-action@08976cb623803b1b36d7112d4ff9f59eae704de0 # v1.12.0 id: credscan with: policy: Microsoft tools: credscan - name: Upload results to Security tab - uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13 + uses: github/codeql-action/upload-sarif@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1 with: sarif_file: ${{ steps.credscan.outputs.sarifFile }} diff --git a/.github/workflows/PowerShell.yaml b/.github/workflows/PowerShell.yaml index 8ffbe4d1a0..5cd7ee6e00 100644 --- a/.github/workflows/PowerShell.yaml +++ b/.github/workflows/PowerShell.yaml @@ -21,7 +21,7 @@ jobs: permissions: security-events: write # for github/codeql-action/upload-sarif to upload SARIF results steps: - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Run PSScriptAnalyzer uses: microsoft/psscriptanalyzer-action@6b2948b1944407914a58661c49941824d149734f # v1.1 @@ -33,7 +33,7 @@ jobs: # Upload the SARIF file generated in the previous step - name: Upload SARIF results file - uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13 + uses: github/codeql-action/upload-sarif@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1 with: sarif_file: results.sarif @@ -41,7 +41,7 @@ jobs: name: Run PS Tests runs-on: windows-latest steps: - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Run PS Tests run: | diff --git a/.github/workflows/UpdateBCArtifactVersion.yaml b/.github/workflows/UpdateBCArtifactVersion.yaml index 3c33cf2878..c1ce563681 100644 --- a/.github/workflows/UpdateBCArtifactVersion.yaml +++ b/.github/workflows/UpdateBCArtifactVersion.yaml @@ -40,7 +40,7 @@ jobs: fail-fast: false steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ matrix.branch }} diff --git a/.github/workflows/UpdatePackageVersions.yaml b/.github/workflows/UpdatePackageVersions.yaml index 8edbedf913..11836708fa 100644 --- a/.github/workflows/UpdatePackageVersions.yaml +++ b/.github/workflows/UpdatePackageVersions.yaml @@ -39,7 +39,7 @@ jobs: fail-fast: false steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ matrix.branch }} diff --git a/.github/workflows/VerifyAppChanges.yaml b/.github/workflows/VerifyAppChanges.yaml index 40e54b1cde..c252ea95db 100644 --- a/.github/workflows/VerifyAppChanges.yaml +++ b/.github/workflows/VerifyAppChanges.yaml @@ -14,7 +14,7 @@ jobs: name: Verify App Changes steps: - name: checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ github.sha }} diff --git a/.github/workflows/WorkitemValidation.yaml b/.github/workflows/WorkitemValidation.yaml index f0cd59f819..6b4265f850 100644 --- a/.github/workflows/WorkitemValidation.yaml +++ b/.github/workflows/WorkitemValidation.yaml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Validate work items for pull request env: @@ -35,7 +35,7 @@ jobs: needs: GitHubIssueValidation steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Link work items to pull request if possible env: diff --git a/.github/workflows/scorecard-analysis.yml b/.github/workflows/scorecard-analysis.yml index e0ee3efb89..fbac091145 100644 --- a/.github/workflows/scorecard-analysis.yml +++ b/.github/workflows/scorecard-analysis.yml @@ -18,7 +18,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false @@ -29,6 +29,6 @@ jobs: results_format: sarif - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v2.16.4 + uses: github/codeql-action/upload-sarif@4f3212b61783c3c68e8309a0f18a699764811cda # v2.16.4 with: sarif_file: results.sarif