diff --git a/.github/workflows/Component.BuildTest.yml b/.github/workflows/Component.BuildTest.yml index eff0fb7c73..ff11814504 100644 --- a/.github/workflows/Component.BuildTest.yml +++ b/.github/workflows/Component.BuildTest.yml @@ -54,7 +54,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: # Note: By default GitHub only fetches 1 commit. MinVer needs to find # the version tag which is typically NOT on the first commit so we diff --git a/.github/workflows/add-labels.yml b/.github/workflows/add-labels.yml index dc5678c101..6a926f99a6 100644 --- a/.github/workflows/add-labels.yml +++ b/.github/workflows/add-labels.yml @@ -18,7 +18,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - name: Add labels for component found in bug issue descriptions shell: pwsh @@ -40,7 +40,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: ref: ${{ github.event.repository.default_branch }} # Note: Do not run on the PR branch we want to execute add-labels.psm1 from main on the base repo only because pull_request_target can see secrets diff --git a/.github/workflows/ci-Exporter.OneCollector-Integration.yml b/.github/workflows/ci-Exporter.OneCollector-Integration.yml index 92d5989cfd..85b02215d5 100644 --- a/.github/workflows/ci-Exporter.OneCollector-Integration.yml +++ b/.github/workflows/ci-Exporter.OneCollector-Integration.yml @@ -36,7 +36,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: ref: ${{ github.event.pull_request.head.sha || github.ref }} # Run on the fork branch once approved diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index a58bec5cf0..eecfd30141 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -29,7 +29,7 @@ jobs: disk-root: "D:" - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - name: Initialize CodeQL uses: github/codeql-action/init@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 diff --git a/.github/workflows/core-version-update.yml b/.github/workflows/core-version-update.yml index bc6d4f3c5f..b49a90551d 100644 --- a/.github/workflows/core-version-update.yml +++ b/.github/workflows/core-version-update.yml @@ -24,7 +24,7 @@ jobs: GH_TOKEN: ${{ secrets[needs.automation.outputs.token-secret-name] }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: ref: ${{ github.event.repository.default_branch }} token: ${{ secrets[needs.automation.outputs.token-secret-name] }} diff --git a/.github/workflows/dotnet-format.yml b/.github/workflows/dotnet-format.yml index 3850234e51..9421d22f53 100644 --- a/.github/workflows/dotnet-format.yml +++ b/.github/workflows/dotnet-format.yml @@ -9,7 +9,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - name: Setup dotnet uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1 diff --git a/.github/workflows/fossa.yml b/.github/workflows/fossa.yml index ff73a43424..d920322104 100644 --- a/.github/workflows/fossa.yml +++ b/.github/workflows/fossa.yml @@ -12,7 +12,7 @@ jobs: fossa: runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - uses: fossas/fossa-action@c0a7d013f84c8ee5e910593186598625513cc1e4 # v1.6.0 with: diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml index f7f554ce60..cabc351f1f 100644 --- a/.github/workflows/integration.yml +++ b/.github/workflows/integration.yml @@ -16,7 +16,7 @@ jobs: matrix: version: [net8.0] steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - name: Run redis docker compose run: docker compose --file=test/OpenTelemetry.Instrumentation.StackExchangeRedis.Tests/docker-compose.yml --file=build/docker-compose.${{ matrix.version }}.yml --project-directory=. up --exit-code-from=tests --build @@ -29,7 +29,7 @@ jobs: matrix: version: [net8.0] steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - name: Run kafka docker compose run: docker compose --file=test/OpenTelemetry.Instrumentation.ConfluentKafka.Tests/docker-compose.yml --file=build/docker-compose.${{ matrix.version }}.yml --project-directory=. up --exit-code-from=tests --build diff --git a/.github/workflows/markdownlint.yml b/.github/workflows/markdownlint.yml index 6d46d42a9d..28f505d91b 100644 --- a/.github/workflows/markdownlint.yml +++ b/.github/workflows/markdownlint.yml @@ -9,7 +9,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - name: run markdownlint uses: DavidAnson/markdownlint-cli2-action@05f32210e84442804257b2a6f20b273450ec8265 # v19.1.0 diff --git a/.github/workflows/ossf-scorecard.yml b/.github/workflows/ossf-scorecard.yml index 97f07090ac..aeef44d2f0 100644 --- a/.github/workflows/ossf-scorecard.yml +++ b/.github/workflows/ossf-scorecard.yml @@ -19,7 +19,7 @@ jobs: # Needed for GitHub OIDC token if publish_results is true id-token: write steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: persist-credentials: false diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index 3f36f962a3..be5b8ccad1 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -27,7 +27,7 @@ jobs: GH_TOKEN: ${{ secrets[needs.automation.outputs.token-secret-name] }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: # Note: By default GitHub only fetches 1 commit. We need all the tags # for this work. diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index eb6f2b7b78..7701f37794 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -91,7 +91,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: token: ${{ secrets[needs.automation.outputs.token-secret-name] }} @@ -128,7 +128,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: token: ${{ secrets[needs.automation.outputs.token-secret-name] }} @@ -162,7 +162,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: # Note: By default GitHub only fetches 1 commit which fails the git tag operation below fetch-depth: 0 @@ -201,7 +201,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: # Note: By default GitHub only fetches 1 commit which fails the git tag operation below fetch-depth: 0 @@ -244,7 +244,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: token: ${{ secrets[needs.automation.outputs.token-secret-name] }} diff --git a/.github/workflows/publish-packages.yml b/.github/workflows/publish-packages.yml index e7071f22ea..5949486349 100644 --- a/.github/workflows/publish-packages.yml +++ b/.github/workflows/publish-packages.yml @@ -29,7 +29,7 @@ jobs: artifact-id: ${{ steps.upload-artifacts.outputs.artifact-id }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: # Note: By default GitHub only fetches 1 commit. MinVer needs to find # the version tag which is typically NOT on the first commit so we @@ -117,7 +117,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: token: ${{ secrets[needs.automation.outputs.token-secret-name] }} diff --git a/.github/workflows/sanitycheck.yml b/.github/workflows/sanitycheck.yml index ba31fe37e4..370c3376fd 100644 --- a/.github/workflows/sanitycheck.yml +++ b/.github/workflows/sanitycheck.yml @@ -9,7 +9,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - name: install misspell run: | @@ -24,7 +24,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - name: detect non-ASCII encoding and trailing space run: python3 ./build/scripts/sanitycheck.py diff --git a/.github/workflows/verifyaotcompat.yml b/.github/workflows/verifyaotcompat.yml index e614f51cdd..a9c59d3c36 100644 --- a/.github/workflows/verifyaotcompat.yml +++ b/.github/workflows/verifyaotcompat.yml @@ -14,7 +14,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - name: Setup dotnet uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1 diff --git a/.github/workflows/yamllint.yml b/.github/workflows/yamllint.yml index 9a825c92a8..938a82ff09 100644 --- a/.github/workflows/yamllint.yml +++ b/.github/workflows/yamllint.yml @@ -10,7 +10,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - name: install yamllint run: pip install -r ./build/yamllint-requirements.txt --require-hashes