diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index eb16ed7..5d66b52 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -31,7 +31,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: ref: ${{ inputs.ref || github.ref }} fetch-depth: 0 @@ -41,7 +41,7 @@ jobs: id: versions - name: Install a specific version of uv - uses: astral-sh/setup-uv@5a7eac68fb9809dea845d802897dc5c723910fa3 # v7.1.3 + uses: astral-sh/setup-uv@ed21f2f24f8dd64503750218de024bcf64c7250a # v7.1.5 with: version: "${{ steps.versions.outputs.uv }}" python-version: "${{ steps.versions.outputs.python }}" @@ -55,7 +55,7 @@ jobs: - name: Archive test_logs if: always() - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: test-logs path: test_logs/ @@ -66,7 +66,7 @@ jobs: UV_DYNAMIC_VERSIONING_BYPASS: ${{ inputs.override_uv_version }} run: uv build - - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: sdk-build path: dist/ @@ -80,10 +80,10 @@ jobs: version: ["3.11", "3.12", "3.13", "3.14"] runs-on: ubuntu-latest steps: - - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: ref: ${{ inputs.ref || github.ref }} - - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 with: name: sdk-build path: .github/data/dist/ @@ -118,7 +118,7 @@ jobs: echo "Version '${VERSION}' in pyproject.toml is pre-release, continuing... " fi - - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: ref: ${{ inputs.ref || github.ref }} @@ -127,19 +127,19 @@ jobs: id: versions - name: Install a specific version of uv - uses: astral-sh/setup-uv@5a7eac68fb9809dea845d802897dc5c723910fa3 # v7.1.3 + uses: astral-sh/setup-uv@ed21f2f24f8dd64503750218de024bcf64c7250a # v7.1.5 with: version: "${{ steps.versions.outputs.uv }}" python-version: "${{ steps.versions.outputs.python }}" enable-cache: true - - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 with: name: sdk-build path: dist/ - name: Create release and upload assets if: ${{ startsWith(github.ref, 'refs/tags/') && github.event_name != 'workflow_dispatch' }} - uses: softprops/action-gh-release@5be0e66d93ac7ed76da52eca8bb058f665c3a5fe # v2.4.2 + uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2.5.0 with: files: dist/f5_ai_gateway_sdk* generate_release_notes: true diff --git a/.github/workflows/linters.yml b/.github/workflows/linters.yml index 7b71712..afad01f 100644 --- a/.github/workflows/linters.yml +++ b/.github/workflows/linters.yml @@ -15,7 +15,7 @@ jobs: steps: - name: Checkout code with full history - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 @@ -24,7 +24,7 @@ jobs: id: versions - name: Install a specific version of uv - uses: astral-sh/setup-uv@5a7eac68fb9809dea845d802897dc5c723910fa3 # v7.1.3 + uses: astral-sh/setup-uv@ed21f2f24f8dd64503750218de024bcf64c7250a # v7.1.5 with: version: "${{ steps.versions.outputs.uv }}" python-version: "${{ steps.versions.outputs.python }}" diff --git a/.github/workflows/scanners.yml b/.github/workflows/scanners.yml index 61efffc..2f5a225 100644 --- a/.github/workflows/scanners.yml +++ b/.github/workflows/scanners.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: "Checkout Code" - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: "Run FOSSA Scan" uses: fossas/fossa-action@3ebcea1862c6ffbd5cf1b4d0bd6b3fe7bd6f2cac # v1.7.0 @@ -35,7 +35,7 @@ jobs: trivy: runs-on: ubuntu-latest steps: - - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # v0.33.1 with: scan-type: fs @@ -44,7 +44,7 @@ jobs: bandit: runs-on: ubuntu-latest steps: - - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 @@ -53,7 +53,7 @@ jobs: id: versions - name: Install a specific version of uv - uses: astral-sh/setup-uv@5a7eac68fb9809dea845d802897dc5c723910fa3 # v7.1.3 + uses: astral-sh/setup-uv@ed21f2f24f8dd64503750218de024bcf64c7250a # v7.1.5 with: version: "${{ steps.versions.outputs.uv }}" python-version: "${{ steps.versions.outputs.python }}" @@ -69,7 +69,7 @@ jobs: dependency-audit: runs-on: ubuntu-latest steps: - - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: run audit on requirements uses: pypa/gh-action-pip-audit@1220774d901786e6f652ae159f7b6bc8fea6d266 # v1.1.0 with: