diff --git a/.github/workflows/dependabot-tracking.yml b/.github/workflows/dependabot-tracking.yml index ecbf168..b9d50d4 100644 --- a/.github/workflows/dependabot-tracking.yml +++ b/.github/workflows/dependabot-tracking.yml @@ -22,4 +22,4 @@ jobs: # marocchino/sticky-pull-request-comment v2.9.4 # SHA: 773744901bac0e8cbb5a0dc842800d45e9b2b405 - - uses: marocchino/sticky-pull-request-comment@v2.9.4 + - uses: marocchino/sticky-pull-request-comment@v3.0.4 diff --git a/.github/workflows/reusable-workflow-sast.yml b/.github/workflows/reusable-workflow-sast.yml index 20804c8..ba07ed2 100644 --- a/.github/workflows/reusable-workflow-sast.yml +++ b/.github/workflows/reusable-workflow-sast.yml @@ -122,7 +122,7 @@ jobs: if: ${{ (github.actor != 'dependabot[bot]') && (inputs.force_semgrep == true || needs.test-visibility.outputs.visibility == 'private') }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 # Run the "semgrep scan" command on the command line of the docker image. - run: semgrep scan --config auto --sarif --sarif-output=semgrep.sarif --force-color @@ -133,7 +133,7 @@ jobs: run: | echo report_name=${{ github.run_id }}_${{ github.run_number }}_semgrep >> "$GITHUB_OUTPUT" - - uses: actions/upload-artifact@v4 + - uses: actions/upload-artifact@v7 with: name: ${{ steps.name-sarifs.outputs.report_name }} path: ${{ github.workspace }}/semgrep.sarif @@ -161,12 +161,12 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: queries: ${{ inputs.queries }} config-file: ${{ inputs.config_file }} @@ -175,7 +175,7 @@ jobs: if: ${{ inputs.config_file != '' }} - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: queries: ${{ inputs.queries }} languages: ${{ inputs.language }} 
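Review bot: The two comment lines above the changed `uses:` in dependabot-tracking.yml still read `# marocchino/sticky-pull-request-comment v2.9.4` and `# SHA: 773744901bac0e8cbb5a0dc842800d45e9b2b405`, so after this bump they describe a version and commit the step no longer runs. Update both to v3.0.4, and since the file already records the commit, consider pinning the reference itself: `- uses: marocchino/sticky-pull-request-comment@<full commit SHA of v3.0.4>  # v3.0.4`. The upstream owner can move a tag but not a full SHA, which matters for a third-party action running in this repository's workflows. The same applies to `advanced-security/policy-as-code@v2.11.1` in the last hunk of reusable-workflow-sast.yml, which follows the `create-github-app-token` step and so appears to run in a job that holds an app token.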
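Review bot: The checkout in the Semgrep job (hunk `@@ -122,7`) has no `with:` block, while the CodeQL job's checkout in hunk `@@ -161,12` sets `persist-credentials: false`. The visible steps after it only run `semgrep scan` and upload the SARIF file, so the token does not appear to be needed for git operations. Add `with:` and `persist-credentials: false` under `- uses: actions/checkout@v6` so both jobs handle the token the same way. The checkout in test-setup-environment-variables.yml has the same gap. The job bodies continue outside the hunks, so first confirm that no later step fetches or pushes with the persisted credential.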
@@ -183,7 +183,7 @@ jobs: if: ${{ inputs.config_file == '' }} - name: Setup dotnet ${{ inputs.dotnet_version }} - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: dotnet-version: ${{ inputs.dotnet_version }} source-url: ${{ inputs.nuget-source-url }} @@ -208,7 +208,7 @@ jobs: if: ${{ inputs.language == 'csharp' && inputs.dotnet_build_params != '' }} - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v4 with: ref: ${{ inputs.ref }} sha: ${{ inputs.sha }} @@ -231,7 +231,7 @@ jobs: if: ${{ needs.test-visibility.outputs.visibility == 'public' }} steps: - - uses: actions/create-github-app-token@v2 + - uses: actions/create-github-app-token@v3 if: ${{ env.CODEQL_AUTHENTICATION_PRIVATE_KEY }} id: app-token with: @@ -242,7 +242,7 @@ jobs: - name: Advance Security Compliance Action if: ${{ env.CODEQL_AUTHENTICATION_PRIVATE_KEY }} - uses: advanced-security/policy-as-code@v2.10.1 + uses: advanced-security/policy-as-code@v2.11.1 with: # Set the severity levels which to set the threshold. All previous # severities are included so selecting 'error' also selects 'critical' and diff --git a/.github/workflows/test-setup-environment-variables.yml b/.github/workflows/test-setup-environment-variables.yml index 65b8149..2727cdf 100644 --- a/.github/workflows/test-setup-environment-variables.yml +++ b/.github/workflows/test-setup-environment-variables.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup Environment Variables uses: ./set-up-environment