From 341a10672f0c774d19465b97beed73f18fd23bd9 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 29 Jun 2026 20:56:46 +0000 Subject: [PATCH] chore(deps): update github-actions --- .github/workflows/chromatic.yml | 4 ++-- .github/workflows/ci.yml | 4 ++-- .github/workflows/release.yml | 12 ++++++------ .github/workflows/security-audit.yaml | 4 ++-- .github/workflows/workflow-audit.yaml | 2 +- 5 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/chromatic.yml b/.github/workflows/chromatic.yml index 6f213600..2e2d0cd1 100644 --- a/.github/workflows/chromatic.yml +++ b/.github/workflows/chromatic.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 @@ -36,7 +36,7 @@ jobs: working-directory: lib - name: Run Chromatic - uses: chromaui/action@1db61b73b7919508ee8e62336f04bd0aed6da756 # latest + uses: chromaui/action@98132da0fca2211fb41b3af7b49ce85176007851 # latest with: projectToken: ${{ secrets.CHROMATIC_PROJECT_TOKEN }} workingDir: lib diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 945ff94a..329fe1c8 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -13,7 +13,7 @@ jobs: name: Build & Test runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: @@ -34,7 +34,7 @@ jobs: name: Standalone Smoketest runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 # `cargo check` runs standalone/src-tauri/build.rs, which fails the build # unless the Node.js on PATH exactly matches package.json's diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 376116a3..8ed8fbed 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -29,7 +29,7 @@ jobs: artifact-name: standalone-win-x64 runs-on: ${{ matrix.platform }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 # The bundled Node.js version is pinned in package.json's # devEngines.runtime.version (see standalone/src-tauri/build.rs, which @@ -74,7 +74,7 @@ jobs: echo "TAURI_SIGNING_PRIVATE_KEY=$key_path" >> "$GITHUB_ENV" - name: Build Tauri app - uses: tauri-apps/tauri-action@84b9d35b5fc46c1e45415bdb6144030364f7ebc5 # v0 + uses: tauri-apps/tauri-action@1deb371b0cd8bd54025b384f1cd735e725c4060f # v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: @@ -130,7 +130,7 @@ jobs: [[ -s "$manifest" ]] - name: Attest artifact manifest - uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0 + uses: actions/attest-build-provenance@0f67c3f4856b2e3261c31976d6725780e5e4c373 # v4.1.1 with: subject-path: standalone/artifact-manifest.sha256 @@ -159,7 +159,7 @@ jobs: id-token: write attestations: write steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: @@ -207,7 +207,7 @@ jobs: [[ -s "$manifest" ]] - name: Attest artifact manifest - uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0 + uses: actions/attest-build-provenance@0f67c3f4856b2e3261c31976d6725780e5e4c373 # v4.1.1 with: subject-path: vscode-ext/artifact-manifest.sha256 @@ -290,7 +290,7 @@ jobs: environment: name: vscode-extension-publish steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: diff --git a/.github/workflows/security-audit.yaml b/.github/workflows/security-audit.yaml index 111d7961..be6215ea 100644 --- a/.github/workflows/security-audit.yaml +++ b/.github/workflows/security-audit.yaml @@ -31,7 +31,7 @@ jobs: environment: name: security-audit steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 1 @@ -55,7 +55,7 @@ jobs: exit 1 - name: Audit against SECURITY.md - uses: anthropics/claude-code-action@4d7e1f0cd85743fdc93b1c8040ab54395da024e2 # v1 + uses: anthropics/claude-code-action@a92e7c70a4da9793dc164451d829089dc057a464 # v1 env: # `claude-code-action` resets `GH_TOKEN` to its own internal # workflow token, so setting `GH_TOKEN` at this scope is diff --git a/.github/workflows/workflow-audit.yaml b/.github/workflows/workflow-audit.yaml index af2e0cf3..db282e5b 100644 --- a/.github/workflows/workflow-audit.yaml +++ b/.github/workflows/workflow-audit.yaml @@ -23,7 +23,7 @@ jobs: audit: runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0