From 1d1d1bc8b1e392b5e4bb1cc1216a6a525f9fb453 Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Wed, 29 Oct 2025 10:42:54 +0000 Subject: [PATCH] chore(deps): update github-actions --- .github/actions/build-base-image/action.yaml | 8 ++--- .github/workflows/actions-updater.yaml | 6 ++-- .github/workflows/github-actions-checker.yaml | 2 +- .github/workflows/main.yaml | 30 +++++++++---------- .github/workflows/osv-scanner-scheduled.yml | 6 ++-- .github/workflows/pr-comment.yaml | 14 ++++----- .github/workflows/sync-github-prs.yaml | 4 +-- .github/workflows/sync-github-releases.yaml | 2 +- .github/workflows/update-base.yaml | 4 +-- 9 files changed, 38 insertions(+), 38 deletions(-) diff --git a/.github/actions/build-base-image/action.yaml b/.github/actions/build-base-image/action.yaml index e8f01b524c3c..3c080d3cad13 100644 --- a/.github/actions/build-base-image/action.yaml +++ b/.github/actions/build-base-image/action.yaml @@ -27,14 +27,14 @@ runs: run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT - name: Cache BASE image - uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # ratchet:actions/cache@v4.2.3 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 if: inputs.TYPE == '64-bit' || inputs.TYPE == 'clang' with: path: otp_docker_base.tar key: ${{ runner.os }}-${{ hashFiles('.github/dockerfiles/Dockerfile.ubuntu-base', '.github/scripts/build-base-image.sh') }}-${{ steps.date.outputs.date }}-${{ hashFiles('OTP_VERSION') }} - name: Docker login - uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # ratchet:docker/login-action@v3.4.0 + uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: registry: ghcr.io username: ${{ github.repository_owner }} @@ -47,7 +47,7 @@ runs: - name: Cache pre-built src id: cache-src if: inputs.BUILD_IMAGE == 'true' - uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # ratchet:actions/cache@v4.2.3 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: path: otp_src.tar.gz key: prebuilt-src-${{ github.ref_name }}-${{ github.sha }} @@ -61,7 +61,7 @@ runs: - name: Cache pre-built binaries id: cache-binary if: inputs.BUILD_IMAGE == 'true' && steps.cache-src.outputs.cache-hit == 'true' - uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # ratchet:actions/cache@v4.2.3 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: path: otp_cache.tar.gz key: prebuilt-cache-${{ inputs.TYPE }}-${{ github.ref_name }}-${{ github.sha }} diff --git a/.github/workflows/actions-updater.yaml b/.github/workflows/actions-updater.yaml index 84274b1840d8..e1c289c9d464 100644 --- a/.github/workflows/actions-updater.yaml +++ b/.github/workflows/actions-updater.yaml @@ -14,17 +14,17 @@ jobs: steps: - name: Generate token id: generate_token - uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # ratchet:actions/create-github-app-token@v2.0.6 + uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4 with: app-id: ${{ secrets.APP_ID }} private-key: ${{ secrets.APP_PEM }} - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4.2.2 + - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 with: token: ${{ steps.generate_token.outputs.token }} - name: Run GitHub Actions Version Updater - uses: saadmk11/github-actions-version-updater@64be81ba69383f81f2be476703ea6570c4c8686e # ratchet:saadmk11/github-actions-version-updater@v0.8.1 + uses: saadmk11/github-actions-version-updater@d8781caf11d11168579c8e5e94f62b068038f442 # v0.9.0 with: token: ${{ steps.generate_token.outputs.token }} pull_request_branch: "github/actions-update" diff --git a/.github/workflows/github-actions-checker.yaml b/.github/workflows/github-actions-checker.yaml index 11016a5a0075..1ceed0703362 100644 --- a/.github/workflows/github-actions-checker.yaml +++ b/.github/workflows/github-actions-checker.yaml @@ -32,7 +32,7 @@ jobs: runs-on: 'ubuntu-latest' name: 'ratchet' steps: - - uses: 'actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683' # ratchet:actions/checkout@v4.2.2 + - uses: 'actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955' # v4.3.0 - id: files run: | FILES=$(find .github/ -name "*.yml" -o -name "*.yaml" -printf "%p ") diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index 075c0014084a..4e42e20dc117 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -63,7 +63,7 @@ jobs: c-code-changes: ${{ steps.c-code-changes.outputs.changes }} all: ${{ steps.apps.outputs.all }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4.2.2 + - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 - uses: ./.github/actions/build-base-image with: BASE_BRANCH: ${{ env.BASE_BRANCH }} @@ -101,14 +101,14 @@ jobs: with: filters: .github/scripts/c-code-path-filters.yaml - name: Cache pre-built src - uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # ratchet:actions/cache@v4.2.3 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: path: otp_src.tar.gz key: prebuilt-src-${{ github.ref_name }}-${{ github.sha }} restore-keys: | prebuilt-src-${{ github.base_ref }}-${{ github.event.pull_request.base.sha }} - name: Cache pre-built binaries - uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # ratchet:actions/cache@v4.2.3 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: path: otp_cache.tar.gz key: prebuilt-cache-64-bit-${{ github.ref_name }}-${{ github.sha }} @@ -204,7 +204,7 @@ jobs: WXWIDGETS_VERSION: 3.2.6 MACOS_VERSION: 15 steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4.2.2 + - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 - name: Download source archive uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # ratchet:actions/download-artifact@v4.3.0 @@ -213,7 +213,7 @@ jobs: - name: Cache wxWidgets id: wxwidgets-cache - uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # ratchet:actions/cache@v4.2.3 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: path: wxWidgets key: wxWidgets-${{ env.WXWIDGETS_VERSION }}-${{ runner.os }}-${{ hashFiles('.github/scripts/build-macos-wxwidgets.sh') }}-${{ env.MACOS_VERSION }} @@ -252,7 +252,7 @@ jobs: runs-on: macos-15 needs: pack steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4.2.2 + - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 - name: Download source archive uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # ratchet:actions/download-artifact@v4.3.0 with: @@ -303,7 +303,7 @@ jobs: IF EXIST "c:\\Program Files\\OpenSSL-Win64" (move "c:\\Program Files\\OpenSSL-Win64" "c:\\OpenSSL-Win64") ELSE (move "c:\\Program Files\\OpenSSL" "c:\\OpenSSL-Win64") - name: Cache wxWidgets - uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # ratchet:actions/cache@v4.2.3 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: path: wxWidgets key: wxWidgets-${{ env.WXWIDGETS_VERSION }}-${{ runner.os }} @@ -385,7 +385,7 @@ jobs: if: needs.pack.outputs.c-code-changes steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4.2.2 + - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 - uses: ./.github/actions/build-base-image with: BASE_BRANCH: ${{ env.BASE_BRANCH }} @@ -413,7 +413,7 @@ jobs: fail-fast: false steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4.2.2 + - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 - uses: ./.github/actions/build-base-image with: BASE_BRANCH: ${{ env.BASE_BRANCH }} @@ -424,7 +424,7 @@ jobs: runs-on: ubuntu-latest needs: pack steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4.2.2 + - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 - uses: ./.github/actions/build-base-image with: BASE_BRANCH: ${{ env.BASE_BRANCH }} @@ -469,7 +469,7 @@ jobs: runs-on: ubuntu-latest needs: pack steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4.2.2 + - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 - uses: ./.github/actions/build-base-image with: BASE_BRANCH: ${{ env.BASE_BRANCH }} @@ -498,7 +498,7 @@ jobs: # type: ["os_mon","sasl"] fail-fast: false steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4.2.2 + - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 - uses: ./.github/actions/build-base-image with: BASE_BRANCH: ${{ env.BASE_BRANCH }} @@ -551,7 +551,7 @@ jobs: if: ${{ !cancelled() }} # Run even if the need has failed needs: test steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4.2.2 + - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 - uses: ./.github/actions/build-base-image with: BASE_BRANCH: ${{ env.BASE_BRANCH }} @@ -625,7 +625,7 @@ jobs: echo "tag=${TAG}" >> $GITHUB_OUTPUT echo "vsn=${VSN}" >> $GITHUB_OUTPUT - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4.2.2 + - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 ## Publish the pre-built archive and docs - name: Download source archive @@ -656,7 +656,7 @@ jobs: sha256sum $FILES > SHA256.txt - name: Upload pre-built and doc tar archives - uses: softprops/action-gh-release@da05d552573ad5aba039eaac05058a918a7bf631 # ratchet:softprops/action-gh-release@v2.2.2 + uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 # v2.4.1 with: name: OTP ${{ steps.tag.outputs.vsn }} files: | diff --git a/.github/workflows/osv-scanner-scheduled.yml b/.github/workflows/osv-scanner-scheduled.yml index fbff6d5fa864..875d872d1aeb 100644 --- a/.github/workflows/osv-scanner-scheduled.yml +++ b/.github/workflows/osv-scanner-scheduled.yml @@ -38,7 +38,7 @@ jobs: outputs: versions: ${{ steps.get-versions.outputs.versions }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4.2.2 + - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 - id: get-versions name: Fetch latest 3 OTP versions run: | @@ -58,7 +58,7 @@ jobs: permissions: actions: write steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4.2.2 + - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 with: ref: ${{ matrix.type }} @@ -85,6 +85,6 @@ jobs: # See: https://github.com/github/codeql-action/issues/2117 actions: read contents: read - uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@e69cc6c86b31f1e7e23935bbe7031b50e51082de" # ratchet:google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@v2.0.2 + uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@e69cc6c86b31f1e7e23935bbe7031b50e51082de" # ratchet:google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@v2.2.4" with: upload-sarif: ${{ github.repository == 'erlang/otp' }} diff --git a/.github/workflows/pr-comment.yaml b/.github/workflows/pr-comment.yaml index 8d09f5b86008..ad00afd16f13 100644 --- a/.github/workflows/pr-comment.yaml +++ b/.github/workflows/pr-comment.yaml @@ -42,7 +42,7 @@ jobs: outputs: result: ${{ steps.pr-number.outputs.result }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4.2.2 + - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 - name: Fetch PR number id: pr-number env: @@ -61,9 +61,9 @@ jobs: pull-requests: write if: github.event.action == 'requested' && needs.pr-number.outputs.result != '' steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4.2.2 + - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 ## We create an initial comment with some useful help to the user - - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # ratchet:actions/github-script@v7.0.1 + - uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7.1.0 with: script: | const script = require('./.github/scripts/pr-comment.js'); @@ -84,7 +84,7 @@ jobs: needs.pr-number.outputs.result != '' && github.event.workflow_run.conclusion != 'skipped' steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4.2.2 + - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 - name: Download and Extract Artifacts id: extract env: @@ -109,14 +109,14 @@ jobs: echo "HAS_TEST_ARTIFACTS=false" >> $GITHUB_OUTPUT fi - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4.2.2 + - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 with: token: ${{ secrets.ERLANG_TOKEN }} repository: 'erlang/erlang.github.io' path: erlang.github.io - name: Publish CT Test Results - uses: EnricoMi/publish-unit-test-result-action@afb2984f4d89672b2f9d9c13ae23d53779671984 # ratchet:EnricoMi/publish-unit-test-result-action@v2.19.0 + uses: EnricoMi/publish-unit-test-result-action@3a74b2957438d0b6e2e61d67b05318aa25c9e6c6 # v2.20.0 if: steps.extract.outputs.HAS_TEST_ARTIFACTS == 'true' with: commit: ${{ github.event.workflow_run.head_sha }} @@ -152,7 +152,7 @@ jobs: ## Append some useful links and tips to the test results posted by ## Publish CT Test Results - - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # ratchet:actions/github-script@v7.0.1 + - uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7.1.0 if: always() with: script: | diff --git a/.github/workflows/sync-github-prs.yaml b/.github/workflows/sync-github-prs.yaml index 7cfbd8da37f9..f8e14ee2c905 100644 --- a/.github/workflows/sync-github-prs.yaml +++ b/.github/workflows/sync-github-prs.yaml @@ -35,8 +35,8 @@ jobs: concurrency: erlang.github.io-deploy runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4.2.2 - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4.2.2 + - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 with: token: ${{ secrets.ERLANG_TOKEN }} repository: 'erlang/erlang.github.io' diff --git a/.github/workflows/sync-github-releases.yaml b/.github/workflows/sync-github-releases.yaml index 0398c4d5e69e..1744642f3df4 100644 --- a/.github/workflows/sync-github-releases.yaml +++ b/.github/workflows/sync-github-releases.yaml @@ -41,7 +41,7 @@ jobs: contents: write actions: write steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4.2.2 + - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 ## We need to login to the package registry in order to pull ## the base debian image. - name: Docker login diff --git a/.github/workflows/update-base.yaml b/.github/workflows/update-base.yaml index d109f4c20bc0..667fd770db40 100644 --- a/.github/workflows/update-base.yaml +++ b/.github/workflows/update-base.yaml @@ -47,14 +47,14 @@ jobs: fail-fast: false steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4.2.2 + - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 with: ref: ${{ matrix.branch }} - name: Cleanup GH Runner shell: bash run: .github/scripts/cleanup_gh_runner.sh - name: Docker login - uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # ratchet:docker/login-action@v3.4.0 + uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: registry: ghcr.io username: ${{ github.actor }}