diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index dcd5ff0be898..30d0b8522d92 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -34,16 +34,16 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout repository - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@45c373516f557556c15d420e3f5e0aa3d64366bc # v3.31.9 + uses: github/codeql-action/init@c793b717bc78562f491db7b0e93a3a178b099162 # v4.32.5 with: config-file: ./.github/codeql/config.yml languages: ${{ matrix.language }} - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@45c373516f557556c15d420e3f5e0aa3d64366bc # v3.31.9 + uses: github/codeql-action/analyze@c793b717bc78562f491db7b0e93a3a178b099162 # v4.32.5 with: category: '/language:${{matrix.language}}' diff --git a/.github/workflows/cross-platform-builds.yml b/.github/workflows/cross-platform-builds.yml index 99dfb8888478..9359c78fcc92 100644 --- a/.github/workflows/cross-platform-builds.yml +++ b/.github/workflows/cross-platform-builds.yml @@ -24,9 +24,9 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout Repo - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set Up Node - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 + uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: node-version: lts/* - name: Install Dependencies @@ -48,7 +48,7 @@ jobs: with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Create issue on error uses: JasonEtco/create-an-issue@1b14a70e4d8dc185e5cc76d3bec9eab20257b2c5 # v2.9.2 diff --git a/.github/workflows/cut-nightly.yml b/.github/workflows/cut-nightly.yml index ed53b5396a27..d85d1d582d70 100644 --- a/.github/workflows/cut-nightly.yml +++ b/.github/workflows/cut-nightly.yml @@ -25,12 +25,12 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout Repo - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 100 - name: Set Up Node - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 + uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: node-version: lts/* @@ -59,7 +59,7 @@ jobs: with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Create issue on error uses: JasonEtco/create-an-issue@1b14a70e4d8dc185e5cc76d3bec9eab20257b2c5 # v2.9.2 diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 9d1f0a56fcdd..b53bc2791694 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -22,6 +22,6 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: 'Checkout Repository' - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: 'Dependency Review' uses: actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261 # v4.8.2 diff --git a/.github/workflows/moderator.yml b/.github/workflows/moderator.yml index 156d42906048..0555018e36b3 100644 --- a/.github/workflows/moderator.yml +++ b/.github/workflows/moderator.yml @@ -16,7 +16,7 @@ jobs: models: read contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: github/ai-moderator@v1 with: token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/release-tagger.yml b/.github/workflows/release-tagger.yml index f3cbce861173..1400dc019b8e 100644 --- a/.github/workflows/release-tagger.yml +++ b/.github/workflows/release-tagger.yml @@ -30,10 +30,10 @@ jobs: with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 + - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: node-version: lts/* - - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - run: bash ./.github/workflows/install_dependencies.sh - name: Run tagger run: | @@ -60,7 +60,7 @@ jobs: with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Create issue on error uses: JasonEtco/create-an-issue@1b14a70e4d8dc185e5cc76d3bec9eab20257b2c5 # v2.9.2 diff --git a/.github/workflows/request-validator-rollup.yml b/.github/workflows/request-validator-rollup.yml index 4d579f3243b0..d42abe516279 100644 --- a/.github/workflows/request-validator-rollup.yml +++ b/.github/workflows/request-validator-rollup.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - uses: JasonEtco/create-an-issue@1b14a70e4d8dc185e5cc76d3bec9eab20257b2c5 # v2.9.2 with: diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index bf3e7756d17c..9d690ed0626f 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -37,7 +37,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: 'Checkout code' - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false @@ -64,7 +64,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: 'Upload artifact' - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: SARIF file path: results.sarif @@ -72,6 +72,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: 'Upload to code-scanning' - uses: github/codeql-action/upload-sarif@45c373516f557556c15d420e3f5e0aa3d64366bc # v3.31.9 + uses: github/codeql-action/upload-sarif@c793b717bc78562f491db7b0e93a3a178b099162 # v4.32.5 with: sarif_file: results.sarif diff --git a/.github/workflows/status-page.yml b/.github/workflows/status-page.yml index 09a874e4c626..03afd8211252 100644 --- a/.github/workflows/status-page.yml +++ b/.github/workflows/status-page.yml @@ -18,10 +18,10 @@ jobs: with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 + - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: node-version: lts/* - - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Add progress comment to cherry-pick issue for Stable and LTS if: github.event_name == 'issues' && github.event.action == 'opened' run: | @@ -56,7 +56,7 @@ jobs: with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Create issue on error uses: JasonEtco/create-an-issue@1b14a70e4d8dc185e5cc76d3bec9eab20257b2c5 # v2.9.2 diff --git a/.github/workflows/update-session-issues.yml b/.github/workflows/update-session-issues.yml index e1b10b0e5a6a..fbf484ca4451 100644 --- a/.github/workflows/update-session-issues.yml +++ b/.github/workflows/update-session-issues.yml @@ -26,7 +26,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout Repo - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Update Session Issues run: | node ./build-system/common/update-session-issues diff --git a/third_party/amp-toolbox-cache-url/package.json b/third_party/amp-toolbox-cache-url/package.json index 805478ef2ab3..b44a30d55b0d 100644 --- a/third_party/amp-toolbox-cache-url/package.json +++ b/third_party/amp-toolbox-cache-url/package.json @@ -33,20 +33,20 @@ }, "devDependencies": { "@ampproject/rollup-plugin-closure-compiler": "0.27.0", - "eslint": "9.39.2", + "eslint": "10.0.2", "eslint-config-google": "0.14.0", - "jasmine": "5.13.0", + "jasmine": "6.1.0", "karma": "6.4.4", "karma-chrome-launcher": "3.2.0", "karma-jasmine": "5.1.0", - "npm-run-all2": "6.2.6", + "npm-run-all2": "8.0.4", "rollup": "4.55.1", "rollup-plugin-commonjs": "10.1.0", "rollup-plugin-filesize": "10.0.0", "rollup-plugin-ignore": "1.0.10", "rollup-plugin-json": "4.0.0", "rollup-plugin-node-builtins": "2.1.2", - "@rollup/plugin-node-resolve": "15.3.1", + "@rollup/plugin-node-resolve": "16.0.3", "rollup-plugin-serve": "3.0.0", "semver": "7.7.3" }