diff --git a/.github/workflows/auto-merge-on-docs-release.yml b/.github/workflows/auto-merge-on-docs-release.yml index 91ca21ec8..c7717ba75 100644 --- a/.github/workflows/auto-merge-on-docs-release.yml +++ b/.github/workflows/auto-merge-on-docs-release.yml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Find and merge dependent PRs - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: script: | const version = context.payload.client_payload.version; diff --git a/.github/workflows/check-devin-pr-assignee.yml b/.github/workflows/check-devin-pr-assignee.yml index 9d9af64ab..02d195bb1 100644 --- a/.github/workflows/check-devin-pr-assignee.yml +++ b/.github/workflows/check-devin-pr-assignee.yml @@ -13,7 +13,7 @@ jobs: if: ${{ github.event.pull_request.user.login == 'devin-ai-integration[bot]' }} steps: - name: Auto-assign requester from PR description - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/check-links.yml b/.github/workflows/check-links.yml index c2491b01a..6c44214e0 100644 --- a/.github/workflows/check-links.yml +++ b/.github/workflows/check-links.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false @@ -382,7 +382,7 @@ jobs: - name: Upload URLs (early, for debugging) - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: urls path: | @@ -775,7 +775,7 @@ jobs: - name: Upload errors-only report if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: lychee-report path: ./lychee-report.md @@ -783,7 +783,7 @@ jobs: - name: Upload lychee outputs and verification results if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: lychee-outputs path: | @@ -796,7 +796,7 @@ jobs: - name: Create PR for broken links id: create-pr if: steps.check_failures.outputs.has_other_failures == 'true' || steps.retry429.outputs.has_429_failures == 'true' || steps.verify_github.outputs.has_missing == 'true' - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: DEVIN_PROMPT: | @devin-ai-integration Please fix the broken links detected by the scheduled link checker. @@ -1051,7 +1051,7 @@ jobs: - name: Send Slack notification for broken links if: steps.create-pr.outputs.pr_created == 'true' - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: SLACK_TOKEN: ${{ secrets.DEVIN_AI_PR_BOT_SLACK_TOKEN }} PR_URL: ${{ steps.create-pr.outputs.pr_url }} diff --git a/.github/workflows/fern-scribe.yml b/.github/workflows/fern-scribe.yml index 1881eda78..ac851b36a 100644 --- a/.github/workflows/fern-scribe.yml +++ b/.github/workflows/fern-scribe.yml @@ -16,13 +16,13 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: token: ${{ secrets.GITHUB_TOKEN }} persist-credentials: false - name: Setup Node.js - uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5 + uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: node-version: '20' cache: 'npm' @@ -63,7 +63,7 @@ jobs: - name: Comment on issue if: success() - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: script: | github.rest.issues.createComment({ @@ -75,7 +75,7 @@ jobs: - name: Comment on failure if: failure() - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: script: | github.rest.issues.createComment({ diff --git a/.github/workflows/preview-docs.yml b/.github/workflows/preview-docs.yml index 120026615..ce9053c8b 100644 --- a/.github/workflows/preview-docs.yml +++ b/.github/workflows/preview-docs.yml @@ -28,7 +28,7 @@ jobs: - name: Checkout repository if: steps.check-token.outputs.has_token == 'true' - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 # Fetch full history for git diff persist-credentials: false @@ -102,7 +102,7 @@ jobs: - name: Post PR comment if: steps.check-token.outputs.has_token == 'true' - uses: thollander/actions-comment-pull-request@1d3973dc4b8e1399c0620d3f2b1aa5e795465308 # v2.4.3 + uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b # v3.0.1 with: filePath: comment.md comment_tag: preview-docs diff --git a/.github/workflows/publish-docs.yml b/.github/workflows/publish-docs.yml index 7ad73f377..6e9971679 100644 --- a/.github/workflows/publish-docs.yml +++ b/.github/workflows/publish-docs.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false diff --git a/.github/workflows/sync-translations.yml b/.github/workflows/sync-translations.yml index fab1094f2..7fc177e44 100644 --- a/.github/workflows/sync-translations.yml +++ b/.github/workflows/sync-translations.yml @@ -15,13 +15,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 persist-credentials: false - name: Set up Python - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: '3.12' diff --git a/.github/workflows/update-versions.yml b/.github/workflows/update-versions.yml index 07030914a..5470e7d76 100644 --- a/.github/workflows/update-versions.yml +++ b/.github/workflows/update-versions.yml @@ -9,7 +9,7 @@ jobs: update-versions: runs-on: ubuntu-latest steps: - - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: ref: main persist-credentials: false diff --git a/.github/workflows/vale.yml b/.github/workflows/vale.yml index 619b2592e..79bde387c 100644 --- a/.github/workflows/vale.yml +++ b/.github/workflows/vale.yml @@ -15,13 +15,13 @@ jobs: github.event.pull_request.user.login != 'fern-support' && github.event.pull_request.user.login != 'github-actions' steps: - - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - name: Get changed files id: changed-files - uses: tj-actions/changed-files@24d32ffd492484c1d75e0c0b894501ddb9d30d62 # v47 + uses: tj-actions/changed-files@9426d40962ed5378910ee2e21d5f8c6fcbf2dd96 # v47.0.6 with: files: | fern/**/*.md