diff --git a/.github/workflows/check_approved_limit.yml b/.github/workflows/check_approved_limit.yml index cb17a1d2..406a33f7 100644 --- a/.github/workflows/check_approved_limit.yml +++ b/.github/workflows/check_approved_limit.yml @@ -36,7 +36,7 @@ jobs: check-limit: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v6.0.2 with: persist-credentials: false diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 4422b864..e785d98b 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -47,7 +47,7 @@ jobs: security-events: write steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 with: persist-credentials: false diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index 58aef104..6020ab32 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -30,7 +30,7 @@ jobs: lint: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v6.0.2 with: persist-credentials: false diff --git a/.github/workflows/pelican-action-test.yml b/.github/workflows/pelican-action-test.yml index e6791e75..e56fe981 100644 --- a/.github/workflows/pelican-action-test.yml +++ b/.github/workflows/pelican-action-test.yml @@ -38,14 +38,14 @@ jobs: group: testsite-${{ github.ref_name }} # must agree with TARGET steps: - name: Checkout the test site - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 with: ref: ${{ env.SOURCE }} - name: Ignore the action checkout run: | echo "self/" >> .git/info/exclude - name: Checkout self - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 with: path: self - name: Reset output directory ${{ env.TARGET }} diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index 19106084..b41ef46e 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -29,7 +29,7 @@ jobs: pre-commit: runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false diff --git a/.github/workflows/pytest.yml b/.github/workflows/pytest.yml index 6e0d88a2..e0c51983 100644 --- a/.github/workflows/pytest.yml +++ b/.github/workflows/pytest.yml @@ -28,7 +28,7 @@ jobs: test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v6.0.2 with: persist-credentials: false diff --git a/.github/workflows/rat.yml b/.github/workflows/rat.yml index d7097ec3..0da340b3 100644 --- a/.github/workflows/rat.yml +++ b/.github/workflows/rat.yml @@ -30,7 +30,7 @@ jobs: rat: runs-on: ubuntu-latest steps: - - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false diff --git a/.github/workflows/remove_expired.yml b/.github/workflows/remove_expired.yml index 80331b2f..8bc3c740 100644 --- a/.github/workflows/remove_expired.yml +++ b/.github/workflows/remove_expired.yml @@ -34,7 +34,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v6.0.2 with: persist-credentials: true # Use PAT so the commit triggers other actions diff --git a/.github/workflows/stash-action-test.yml b/.github/workflows/stash-action-test.yml index d72271e3..b8591345 100644 --- a/.github/workflows/stash-action-test.yml +++ b/.github/workflows/stash-action-test.yml @@ -34,7 +34,7 @@ jobs: runs-on: ubuntu-latest container: quay.io/centos/centos:stream8 steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v6.0.2 - name: Run action continue-on-error: true @@ -58,7 +58,7 @@ jobs: os: [ubuntu-latest, windows-latest, macos-15-intel, macos-14] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v6.0.2 - name: Run unittests shell: bash @@ -135,7 +135,7 @@ jobs: needs: test-save runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v6.0.2 - name: Test intra-workflow stash uses: ./stash/restore diff --git a/.github/workflows/update_actions.yml b/.github/workflows/update_actions.yml index ee0d31bf..b48851b2 100644 --- a/.github/workflows/update_actions.yml +++ b/.github/workflows/update_actions.yml @@ -43,7 +43,7 @@ jobs: contents: write steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v6.0.2 with: persist-credentials: true diff --git a/.github/workflows/update_dummy.yml b/.github/workflows/update_dummy.yml index b521f6d2..32b439ce 100644 --- a/.github/workflows/update_dummy.yml +++ b/.github/workflows/update_dummy.yml @@ -41,7 +41,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v6.0.2 with: persist-credentials: true # We have to use a PAT to commit the workflow file diff --git a/.github/workflows/verify_dependabot_action.yml b/.github/workflows/verify_dependabot_action.yml index f1830f65..3a451f6c 100644 --- a/.github/workflows/verify_dependabot_action.yml +++ b/.github/workflows/verify_dependabot_action.yml @@ -32,7 +32,7 @@ jobs: if: github.actor == 'dependabot[bot]' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v6.0.2 with: persist-credentials: false