diff --git a/.github/workflows/auto_updates.yml b/.github/workflows/auto_updates.yml index 20761aaa..f8d77eee 100644 --- a/.github/workflows/auto_updates.yml +++ b/.github/workflows/auto_updates.yml @@ -23,7 +23,7 @@ jobs: shell: bash steps: - name: Checkout the repo - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 # This GPG key is for the `phylum-bot` account and used in order to ensure commits are signed/verified - name: Import GPG key for bot account diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 0418dad1..e2b1b649 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -66,7 +66,7 @@ jobs: echo "REL_VER_WITHOUT_v=${REL_VER_WITHOUT_v}" >> "${GITHUB_ENV}" - name: Checkout the repo - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: # This will ensure the checkout matches the tag for the latest release ref: ${{ env.REL_VER_WITH_v }} diff --git a/.github/workflows/phylum_analyze_pr.yml b/.github/workflows/phylum_analyze_pr.yml index ae87f234..fb025018 100644 --- a/.github/workflows/phylum_analyze_pr.yml +++ b/.github/workflows/phylum_analyze_pr.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the repo - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 - name: Analyze poetry.lock file diff --git a/.github/workflows/preview.yml b/.github/workflows/preview.yml index f977bec2..39fa696c 100644 --- a/.github/workflows/preview.yml +++ b/.github/workflows/preview.yml @@ -31,7 +31,7 @@ jobs: shell: bash steps: - name: Checkout the repo - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: # `python-semantic-release` needs full history to properly determine the next release version fetch-depth: 0 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index aef76984..acd3f5e2 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -46,7 +46,7 @@ jobs: DOCKER_BUILDKIT: 1 steps: - name: Checkout the repo - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: # `python-semantic-release` needs full history to properly determine the next release version fetch-depth: 0 diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 530b216c..3f6b6d7c 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -24,7 +24,7 @@ jobs: python-version: ["3.12"] steps: - name: Checkout the repo - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Install poetry run: pipx install poetry==1.6.1 @@ -67,7 +67,7 @@ jobs: python-version: ["3.9", "3.10", "3.12"] steps: - name: Checkout the repo - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Install poetry run: pipx install poetry==1.6.1 @@ -108,7 +108,7 @@ jobs: DOCKER_BUILDKIT: 1 steps: - name: Checkout the repo - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Install poetry if: ${{ matrix.build == 'wheel' }}