diff --git a/.github/workflows/cache-clear.yml b/.github/workflows/cache-clear.yml index ceb64f80..9c2d3e27 100644 --- a/.github/workflows/cache-clear.yml +++ b/.github/workflows/cache-clear.yml @@ -10,7 +10,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423" # v2.6.0 with: egress-policy: "audit" diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index d1ab9a08..ba7b55de 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -43,7 +43,7 @@ jobs: steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423" # v2.6.0 with: egress-policy: "audit" @@ -52,7 +52,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: "Initialize CodeQL" - uses: "github/codeql-action/init@ddccb873888234080b77e9bc2d4764d5ccaaccf9" # v2.21.9 + uses: "github/codeql-action/init@0116bc2df50751f9724a2e35ef1f24d22f90e4e1" # v2.22.3 with: languages: "${{ matrix.language }}" # If you wish to specify custom queries, you can do so here or in a config file. @@ -62,7 +62,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: "Autobuild" - uses: "github/codeql-action/autobuild@ddccb873888234080b77e9bc2d4764d5ccaaccf9" # v2.21.9 + uses: "github/codeql-action/autobuild@0116bc2df50751f9724a2e35ef1f24d22f90e4e1" # v2.22.3 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -75,6 +75,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: "Perform CodeQL Analysis" - uses: "github/codeql-action/analyze@ddccb873888234080b77e9bc2d4764d5ccaaccf9" # v2.21.9 + uses: "github/codeql-action/analyze@0116bc2df50751f9724a2e35ef1f24d22f90e4e1" # v2.22.3 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/comment-issue.yml b/.github/workflows/comment-issue.yml index a6ae8042..c2cc543b 100644 --- a/.github/workflows/comment-issue.yml +++ b/.github/workflows/comment-issue.yml @@ -16,7 +16,7 @@ jobs: issues: "write" steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423" # v2.6.0 with: egress-policy: "audit" diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index aa6911ca..ca96fc02 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -20,7 +20,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423" # v2.6.0 with: egress-policy: "audit" diff --git a/.github/workflows/greetings.yml b/.github/workflows/greetings.yml index d4d89667..f1030af9 100644 --- a/.github/workflows/greetings.yml +++ b/.github/workflows/greetings.yml @@ -16,11 +16,11 @@ jobs: steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423" # v2.6.0 with: egress-policy: "audit" - - uses: "actions/first-interaction@1d8459ca65b335265f1285568221e229d45a995e" # v1.1.1 + - uses: "actions/first-interaction@1dbfe1ba5525b8257e1f259b09745bee346d62d8" # v1.2.0 with: repo-token: "${{ secrets.GITHUB_TOKEN }}" issue-message: "Awesome! Thank you for taking the time to create your first issue! Please review the [guidelines](https://narrowspark.com/docs/current/contributing)" diff --git a/.github/workflows/introspect.yml b/.github/workflows/introspect.yml index 77b9549b..21d5a868 100644 --- a/.github/workflows/introspect.yml +++ b/.github/workflows/introspect.yml @@ -21,7 +21,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423" # v2.6.0 with: egress-policy: "audit" diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 82e4ecfc..d7f70bc7 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -48,7 +48,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423" # v2.6.0 with: egress-policy: "audit" @@ -88,7 +88,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423" # v2.6.0 with: egress-policy: "audit" @@ -115,7 +115,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423" # v2.6.0 with: egress-policy: "audit" diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 3c1b88d7..1a9831d9 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423" # v2.6.0 with: egress-policy: "audit" @@ -43,7 +43,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: "ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031" # v2.2.0 + uses: "ossf/scorecard-action@483ef80eb98fb506c348f7d62e28055e49fe2398" # v2.3.0 with: results_file: "results.sarif" results_format: "sarif" @@ -73,6 +73,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: "github/codeql-action/upload-sarif@ddccb873888234080b77e9bc2d4764d5ccaaccf9" # v2.21.9 + uses: "github/codeql-action/upload-sarif@0116bc2df50751f9724a2e35ef1f24d22f90e4e1" # v2.22.3 with: sarif_file: "results.sarif" diff --git a/.github/workflows/stale-issues.yml b/.github/workflows/stale-issues.yml index 2e5a80b8..7cb9be0a 100644 --- a/.github/workflows/stale-issues.yml +++ b/.github/workflows/stale-issues.yml @@ -18,7 +18,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423" # v2.6.0 with: egress-policy: "audit" @@ -43,7 +43,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423" # v2.6.0 with: egress-policy: "audit" @@ -66,7 +66,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423" # v2.6.0 with: egress-policy: "audit" @@ -91,7 +91,7 @@ jobs: steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423" # v2.6.0 with: egress-policy: "audit" diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 0a54f1ca..99a5f35b 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -31,7 +31,7 @@ jobs: steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423" # v2.6.0 with: egress-policy: "audit" diff --git a/package.json b/package.json index a304e5aa..fe36c576 100644 --- a/package.json +++ b/package.json @@ -101,7 +101,7 @@ "vite-plugin-static-copy": "^0.17.0", "vitest": "^0.34.6" }, - "packageManager": "pnpm@8.8.0", + "packageManager": "pnpm@8.9.2", "engines": { "node": ">=18.16.* <=20.*" },