Fix version tags for gh workflows (#5402)

2024-12-21 16:18:28 +01:00 · 2023-05-09 11:44:05 +02:00 · 2023-05-09 11:44:05 +02:00 · 423fb453e2
commit 423fb453e2
parent 5f825e10f9
8 changed files with 10 additions and 10 deletions
--- a/.github/workflows/brew-bump-cli.yml
+++ b/.github/workflows/brew-bump-cli.yml
@ -29,7 +29,7 @@ jobs:
          secrets: "brew-bump-workflow-pat"

      - name: Update Homebrew formula
-        uses: dawidd6/action-homebrew-bump-formula@dd221ff435f42fa8102b5871bb1929af9d76476c
+        uses: dawidd6/action-homebrew-bump-formula@dd221ff435f42fa8102b5871bb1929af9d76476c # v3.8.0
        with:
          # Required, custom GitHub access token with the 'public_repo' and 'workflow' scopes
          token: ${{ steps.retrieve-secrets.outputs.brew-bump-workflow-pat }}
--- a/.github/workflows/build-web.yml
+++ b/.github/workflows/build-web.yml
@ -249,7 +249,7 @@ jobs:
          azure-keyvault-name: "bitwarden-ci"

      - name: Build Docker image
-        uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671 # v3.2.0
+        uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671 # v4.0.0
        with:
          context: apps/web
          file: apps/web/Dockerfile
@ -297,7 +297,7 @@ jobs:
          secrets: "crowdin-api-token"

      - name: Upload Sources
-        uses: crowdin/github-action@ecd7eb0ef6f3cfa16293c79e9cbc4bc5b5fd9c49 # v1.4.9
+        uses: crowdin/github-action@3cabba4ddfd0579a1236b3fb68405236dc489ccc # v1.8.0
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          CROWDIN_API_TOKEN: ${{ steps.retrieve-secrets.outputs.crowdin-api-token }}
--- a/.github/workflows/chromatic.yml
+++ b/.github/workflows/chromatic.yml
@ -33,7 +33,7 @@ jobs:
        run: npm ci

      - name: Publish to Chromatic
-        uses: chromaui/action@d51b84e79d164fbe8fc5bb7175695d88ddd04b72 # v1.0.0
+        uses: chromaui/action@d51b84e79d164fbe8fc5bb7175695d88ddd04b72
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          projectToken: ${{ secrets.CHROMATIC_PROJECT_TOKEN }}
--- a/.github/workflows/enforce-labels.yml
+++ b/.github/workflows/enforce-labels.yml
@ -11,7 +11,7 @@ jobs:
    runs-on: ubuntu-20.04
    steps:
      - name: Enforce Label
-        uses: yogevbd/enforce-label-action@a3c219da6b8fa73f6ba62b68ff09c469b3a1c024 # v2.2.2
+        uses: yogevbd/enforce-label-action@a3c219da6b8fa73f6ba62b68ff09c469b3a1c024 # 2.2.2
        with:
          BANNED_LABELS: "hold,needs-qa"
          BANNED_LABELS_DESCRIPTION: "PRs with the hold or needs-qa labels cannot be merged"
--- a/.github/workflows/label-issue-pull-request.yml
+++ b/.github/workflows/label-issue-pull-request.yml
@ -16,7 +16,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Add label to pull request
-        uses: andymckay/labeler@e6c4322d0397f3240f0e7e30a33b5c5df2d39e90 # v1.0.4
+        uses: andymckay/labeler@e6c4322d0397f3240f0e7e30a33b5c5df2d39e90 # 1.0.4
        if: ${{ !github.event.pull_request.head.repo.fork }}
        with:
          add-labels: "needs-qa"
--- a/.github/workflows/release-web.yml
+++ b/.github/workflows/release-web.yml
@ -294,7 +294,7 @@ jobs:

      - name: Update deployment status to Success
        if: ${{ github.event.inputs.release_type != 'Dry Run' && success() }}
-        uses: chrnorm/deployment-status@d42cde7132fcec920de534fffc3be83794335c00 # v2.0.5
+        uses: chrnorm/deployment-status@2afb7d27101260f4a764219439564d954d10b5b0 # v2.0.1
        with:
          token: '${{ secrets.GITHUB_TOKEN }}'
          environment-url: http://vault.bitwarden.com
@ -303,7 +303,7 @@ jobs:

      - name: Update deployment status to Failure
        if: ${{ github.event.inputs.release_type != 'Dry Run' && failure() }}
-        uses: chrnorm/deployment-status@d42cde7132fcec920de534fffc3be83794335c00 # v2.0.5
+        uses: chrnorm/deployment-status@2afb7d27101260f4a764219439564d954d10b5b0 # v2.0.1
        with:
          token: '${{ secrets.GITHUB_TOKEN }}'
          environment-url: http://vault.bitwarden.com
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@ -82,7 +82,7 @@ jobs:
        uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0

      - name: Install rust
-        uses: actions-rs/toolchain@88dc2356392166efad76775c878094f4e83ff746 # v1.0.6
+        uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af # v1.0.7
        with:
          toolchain: stable
          profile: minimal
--- a/.github/workflows/version-bump.yml
+++ b/.github/workflows/version-bump.yml
@ -55,7 +55,7 @@ jobs:
          secrets: "github-gpg-private-key, github-gpg-private-key-passphrase"

      - name: Import GPG key
-        uses: crazy-max/ghaction-import-gpg@c8bb57c57e8df1be8c73ff3d59deab1dbc00e0d1 # v5.2.0
+        uses: crazy-max/ghaction-import-gpg@c8bb57c57e8df1be8c73ff3d59deab1dbc00e0d1 # v5.3.0
        with:
          gpg_private_key: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key }}
          passphrase: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key-passphrase }}