diff --git a/.github/workflows/attach-binaries-to-release.yml b/.github/workflows/attach-binaries-to-release.yml index 6d835de483..7787c8737c 100644 --- a/.github/workflows/attach-binaries-to-release.yml +++ b/.github/workflows/attach-binaries-to-release.yml @@ -236,7 +236,7 @@ jobs: - name: Setup sccache if: ${{ !startsWith(matrix.os, 'ubuntu') && env.gcp_existing_archive == '' }} - uses: mozilla-actions/sccache-action@7d986dd989559c6ecdb630a3fd2557667be217ad # pin@v0.0.9 + uses: mozilla-actions/sccache-action@9e7fa8a12102821edf02ca5dbea1acd0f89a2696 # pin@v0.0.10 - name: Cargo build for ${{ matrix.os }} platform if: ${{ !startsWith(matrix.os, 'ubuntu') && env.gcp_existing_archive == '' }} @@ -274,7 +274,7 @@ jobs: parent: false - name: Upload release artifacts for ${{ matrix.os }} platform - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # pin@7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # pin@7.0.1 with: name: walrus-binaries-${{ matrix.os }} if-no-files-found: error @@ -282,7 +282,7 @@ jobs: ./tmp/walrus-${{ env.walrus_tag }}-${{ env.os_type }}.tgz - name: Attach artifacts to ${{ env.walrus_tag }} release in GH - uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # pin@v2.5.0 + uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # pin@v3.0.0 with: tag_name: ${{ env.walrus_tag }} files: | diff --git a/.github/workflows/code.yml b/.github/workflows/code.yml index adf2000704..caceb1e047 100644 --- a/.github/workflows/code.yml +++ b/.github/workflows/code.yml @@ -247,7 +247,7 @@ jobs: - name: Restore cached sui binary id: cache-sui-restore - uses: actions/cache/restore@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # pin@v5.0.3 + uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # pin@v5.0.5 with: path: ${{ env.SUI_BIN }} key: ${{ runner.os }}-${{ runner.arch }}-${{ env.SUI_TAG }} @@ -266,7 +266,7 @@ jobs: run: bash ./scripts/move_tests.sh - name: Cache sui binary if: ${{ github.ref == 'refs/heads/main' && steps.cache-sui-restore.outputs.cache-hit != 'true' }} - uses: actions/cache/save@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # pin@v5.0.3 + uses: actions/cache/save@27d5ce7f107fe9357f9df03efb73ab90386fccae # pin@v5.0.5 with: path: ${{ env.SUI_BIN }} key: ${{ steps.cache-sui-restore.outputs.cache-primary-key }} @@ -292,7 +292,7 @@ jobs: - name: Restore cached sui binary id: cache-sui-restore - uses: actions/cache/restore@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # pin@v5.0.3 + uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # pin@v5.0.5 with: path: ${{ env.SUI_BIN }} key: ${{ runner.os }}-${{ runner.arch }}-${{ env.SUI_TAG }} @@ -319,7 +319,7 @@ jobs: steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # pin@v6.0.2 - name: Post a warning if the PR touches the testnet-contracts directory - uses: marocchino/sticky-pull-request-comment@70d2764d1a7d5d9560b100cbea0077fc8f633987 # pin@v3.0.2 + uses: marocchino/sticky-pull-request-comment@0ea0beb66eb9baf113663a64ec522f60e49231c0 # pin@v3.0.4 with: message: > **Warning:** This PR touches the `testnet-contracts` directory. This should only be @@ -337,7 +337,7 @@ jobs: steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # pin@v6.0.2 - name: Post a warning if the PR touches the mainnet-contracts directory - uses: marocchino/sticky-pull-request-comment@70d2764d1a7d5d9560b100cbea0077fc8f633987 # pin@v3.0.2 + uses: marocchino/sticky-pull-request-comment@0ea0beb66eb9baf113663a64ec522f60e49231c0 # pin@v3.0.4 with: message: > **Warning:** This PR touches the `mainnet-contracts` directory. This should only be @@ -354,7 +354,7 @@ jobs: steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # pin@v6.0.2 - name: Post a warning if the PR touches an example config file - uses: marocchino/sticky-pull-request-comment@70d2764d1a7d5d9560b100cbea0077fc8f633987 # pin@v3.0.2 + uses: marocchino/sticky-pull-request-comment@0ea0beb66eb9baf113663a64ec522f60e49231c0 # pin@v3.0.4 with: message: | **Warning:** This PR modifies one of the example config files. Please consider the @@ -380,7 +380,7 @@ jobs: steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # pin@v6.0.2 - name: Post a warning if the PR modifies the Walrus CLI - uses: marocchino/sticky-pull-request-comment@70d2764d1a7d5d9560b100cbea0077fc8f633987 # pin@v3.0.2 + uses: marocchino/sticky-pull-request-comment@0ea0beb66eb9baf113663a64ec522f60e49231c0 # pin@v3.0.4 with: message: | **Warning:** This PR modifies the Walrus CLI. Please consider the following: @@ -404,7 +404,7 @@ jobs: steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # pin@v6.0.2 - name: Post a warning if the PR touches an OpenAPI file - uses: marocchino/sticky-pull-request-comment@70d2764d1a7d5d9560b100cbea0077fc8f633987 # pin@v3.0.2 + uses: marocchino/sticky-pull-request-comment@0ea0beb66eb9baf113663a64ec522f60e49231c0 # pin@v3.0.4 with: message: | **Warning:** This PR modifies one of the OpenAPI files. Please consider the diff --git a/.github/workflows/create-tx-for-multisig-node-governance.yml b/.github/workflows/create-tx-for-multisig-node-governance.yml index 56b88dcdfa..707c4e00e5 100644 --- a/.github/workflows/create-tx-for-multisig-node-governance.yml +++ b/.github/workflows/create-tx-for-multisig-node-governance.yml @@ -78,7 +78,7 @@ jobs: cat artifacts/tx-data.txt - name: Upload Transaction Artifact - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # pin@v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # pin@v7.0.1 with: name: transaction-data path: artifacts/tx-data.txt diff --git a/.github/workflows/create-tx-for-multisig-subsidy.yml b/.github/workflows/create-tx-for-multisig-subsidy.yml index 89804556ca..ecd6761376 100644 --- a/.github/workflows/create-tx-for-multisig-subsidy.yml +++ b/.github/workflows/create-tx-for-multisig-subsidy.yml @@ -85,7 +85,7 @@ jobs: cat artifacts/tx-data.txt - name: Upload Transaction Artifact - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # pin@v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # pin@v7.0.1 with: name: transaction-data path: artifacts/tx-data.txt diff --git a/.github/workflows/gen-sui-upgrade-version-pr.yml b/.github/workflows/gen-sui-upgrade-version-pr.yml index 0b1ba1bc05..e65b5c6c16 100644 --- a/.github/workflows/gen-sui-upgrade-version-pr.yml +++ b/.github/workflows/gen-sui-upgrade-version-pr.yml @@ -78,7 +78,7 @@ jobs: - name: Generate automerge token id: automerge_token - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # pin@v2.2.1 + uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # pin@v3.2.0 with: app-id: ${{ secrets.WALRUS_AUTOMERGE_APP_ID }} private-key: ${{ secrets.WALRUS_AUTOMERGE_PRIVATE_KEY }} diff --git a/.github/workflows/issues-monitor.yaml b/.github/workflows/issues-monitor.yaml index a102099de8..66abd5da42 100644 --- a/.github/workflows/issues-monitor.yaml +++ b/.github/workflows/issues-monitor.yaml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Add Comment to New Issue - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # pin@v8.0.0 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # pin@v9.0.0 with: script: | github.rest.issues.createComment({ diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 8fbe4e9fc4..42466ace8f 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -59,7 +59,7 @@ jobs: run: ./yamlfmt -lint - name: Lint all markdown files - uses: DavidAnson/markdownlint-cli2-action@07035fd053f7be764496c0f8d8f9f41f98305101 # pin@v22.0.0 + uses: DavidAnson/markdownlint-cli2-action@ded1f9488f68a970bc66ea5619e13e9b52e601cd # pin@v23.2.0 with: config: .markdownlint-cli2.yaml # Note: Keep globs in sync with .markdownlint-cli2.yaml. @@ -83,7 +83,7 @@ jobs: name: Check spelling steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # pin@v6.0.2 - - uses: crate-ci/typos@631208b7aac2daa8b707f55e7331f9112b0e062d # pin@v1.44.0 + - uses: crate-ci/typos@7b04f660f4ee4f048d18fd341887cf28dfbedfe2 # pin@v1.46.3 shellcheck: name: ShellCheck diff --git a/.github/workflows/notify-walrus-sites.yml b/.github/workflows/notify-walrus-sites.yml index 9997714137..95b4ea2a87 100644 --- a/.github/workflows/notify-walrus-sites.yml +++ b/.github/workflows/notify-walrus-sites.yml @@ -26,7 +26,7 @@ jobs: steps: - name: Generate app token for cross-repo dispatch id: app_token - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # pin@v2.2.1 + uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # pin@v3.2.0 with: app-id: ${{ secrets.WALRUS_AUTOMERGE_APP_ID }} private-key: ${{ secrets.WALRUS_AUTOMERGE_PRIVATE_KEY }} diff --git a/.github/workflows/pages-preview.yaml b/.github/workflows/pages-preview.yaml index 3f33794b6a..c57b212308 100644 --- a/.github/workflows/pages-preview.yaml +++ b/.github/workflows/pages-preview.yaml @@ -23,7 +23,7 @@ jobs: steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # pin@v6.0.2 - name: Install pnpm - uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # pin@v5.0.0 + uses: pnpm/action-setup@0e279bb959325dab635dd2c09392533439d90093 # pin@v6.0.8 with: version: 9 if: github.event.action != 'closed' @@ -47,7 +47,7 @@ jobs: steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # pin@v6.0.2 - name: Install pnpm - uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # pin@v5.0.0 + uses: pnpm/action-setup@0e279bb959325dab635dd2c09392533439d90093 # pin@v6.0.8 with: version: 9 if: github.event.action != 'closed' @@ -75,7 +75,7 @@ jobs: if: github.event.action != 'closed' && github.repository_owner == 'MystenLabs' steps: - name: Wait for GitHub Pages deployment - uses: actions/github-script@v8 + uses: actions/github-script@v9 with: script: | // Wait for the Pages deployment triggered by the gh-pages push @@ -124,7 +124,7 @@ jobs: URL: https://MystenLabs.github.io/walrus/pr-preview/pr-${{ github.event.number }}/ - name: Comment on PR - uses: actions/github-script@v8 + uses: actions/github-script@v9 with: script: | const marker = ''; diff --git a/.github/workflows/publish-docs.yaml b/.github/workflows/publish-docs.yaml index 2125ff1457..296d55bf15 100644 --- a/.github/workflows/publish-docs.yaml +++ b/.github/workflows/publish-docs.yaml @@ -38,7 +38,7 @@ jobs: steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # pin@v6.0.2 - name: Install pnpm - uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # pin@v5.0.0 + uses: pnpm/action-setup@0e279bb959325dab635dd2c09392533439d90093 # pin@v6.0.8 with: version: 9 - name: Setup Node.js @@ -75,7 +75,7 @@ jobs: with: persist-credentials: false - name: Install pnpm - uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # pin@v5.0.0 + uses: pnpm/action-setup@0e279bb959325dab635dd2c09392533439d90093 # pin@v6.0.8 with: version: 9 - name: Setup Node.js diff --git a/.github/workflows/sccache-warmup.yml b/.github/workflows/sccache-warmup.yml index 928407ceb1..81a63bc3d9 100644 --- a/.github/workflows/sccache-warmup.yml +++ b/.github/workflows/sccache-warmup.yml @@ -49,7 +49,7 @@ jobs: run: | sudo apt update && sudo apt install -y libpq-dev - - uses: mozilla-actions/sccache-action@7d986dd989559c6ecdb630a3fd2557667be217ad # pin@v0.0.9 + - uses: mozilla-actions/sccache-action@9e7fa8a12102821edf02ca5dbea1acd0f89a2696 # pin@v0.0.10 - name: Build workspace (debug) shell: bash diff --git a/.github/workflows/stale-prs.yaml b/.github/workflows/stale-prs.yaml index 4574d018a8..1bfb0fb46a 100644 --- a/.github/workflows/stale-prs.yaml +++ b/.github/workflows/stale-prs.yaml @@ -11,7 +11,7 @@ jobs: stale: runs-on: ubuntu-latest steps: - - uses: actions/stale@b5d41d4e1d5dceea10e7104786b73624c18a190f # pin@v10.2.0 + - uses: actions/stale@eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899 # pin@v10.3.0 with: stale-pr-message: > This PR is stale because it has been open 14 days with no activity. diff --git a/.github/workflows/update-operators-cache.yml b/.github/workflows/update-operators-cache.yml index 86e609b981..a0da724d96 100644 --- a/.github/workflows/update-operators-cache.yml +++ b/.github/workflows/update-operators-cache.yml @@ -43,7 +43,7 @@ jobs: mv docs/site/static/new-operators.json docs/site/static/operators.json - name: Create Pull Request - uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # pin@v8.1.0 + uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # pin@v8.1.1 with: token: ${{ secrets.GITHUB_TOKEN }} commit-message: "chore: update aggregator cache info" diff --git a/.github/workflows/version-bump.yml b/.github/workflows/version-bump.yml index 69a9362637..f8eb2f35cf 100644 --- a/.github/workflows/version-bump.yml +++ b/.github/workflows/version-bump.yml @@ -108,7 +108,7 @@ jobs: - name: Generate automerge token if: inputs.delivery == 'pr' id: automerge_token - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # pin@v2.2.1 + uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # pin@v3.2.0 with: app-id: ${{ secrets.WALRUS_AUTOMERGE_APP_ID }} private-key: ${{ secrets.WALRUS_AUTOMERGE_PRIVATE_KEY }}