diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index dade73b4..52ed4b69 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -42,11 +42,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.3 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v4 + uses: github/codeql-action/init@v4.36.1 with: languages: ${{ matrix.language }} config-file: ./.github/codeql/codeql-config.yml @@ -58,7 +58,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v4 + uses: github/codeql-action/autobuild@v4.36.1 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -72,4 +72,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v4 + uses: github/codeql-action/analyze@v4.36.1 diff --git a/.github/workflows/conventional-commit-pr-title.yml b/.github/workflows/conventional-commit-pr-title.yml index 1bd683f9..cf0b994c 100644 --- a/.github/workflows/conventional-commit-pr-title.yml +++ b/.github/workflows/conventional-commit-pr-title.yml @@ -14,6 +14,6 @@ jobs: permissions: pull-requests: read steps: - - uses: amannn/action-semantic-pull-request@v6 + - uses: amannn/action-semantic-pull-request@v6.1.1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/dist.yml b/.github/workflows/dist.yml index c720a65b..4c5fd30f 100644 --- a/.github/workflows/dist.yml +++ b/.github/workflows/dist.yml @@ -7,12 +7,12 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v6.0.3 with: token: ${{ secrets.DEVEX_BOT_TOKEN }} - name: Setup node 24 - uses: actions/setup-node@v6 + uses: actions/setup-node@v6.4.0 with: node-version: 24.11.1 diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index 5d3d84b8..2bc5fc18 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -9,14 +9,14 @@ jobs: release-please-release: runs-on: ubuntu-latest steps: - - uses: google-github-actions/release-please-action@v3 + - uses: google-github-actions/release-please-action@v3.7.13 id: release with: package-name: ${{env.ACTION_NAME}} release-type: node token: ${{ github.token }} command: github-release - - uses: actions/checkout@v6 + - uses: actions/checkout@v6.0.3 - name: tag major and minor versions if: ${{ steps.release.outputs.release_created }} run: | @@ -36,7 +36,7 @@ jobs: - release-please-release steps: - id: release-pr - uses: google-github-actions/release-please-action@v3 + uses: google-github-actions/release-please-action@v3.7.13 with: token: ${{ secrets.DEVEX_BOT_TOKEN }} release-type: node diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 4eec9e22..e0e7db00 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -21,10 +21,10 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v6.0.3 - name: Setup node 24 - uses: actions/setup-node@v6 + uses: actions/setup-node@v6.4.0 with: node-version: 24.11.1 @@ -71,7 +71,7 @@ jobs: arch: arm64 steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v6.0.3 - name: Install Octopus CLI uses: ./ diff --git a/.github/workflows/update-dependencies.yml b/.github/workflows/update-dependencies.yml index bc0417b5..f34fbfd7 100644 --- a/.github/workflows/update-dependencies.yml +++ b/.github/workflows/update-dependencies.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.3 - name: Self-hosted Renovate uses: renovatebot/github-action@f9c81dddc9b589e4e6ae0326d1e36f6bc415d230 # v39.2.4 diff --git a/package-lock.json b/package-lock.json index 8d2c6bbc..0c1426f9 100644 --- a/package-lock.json +++ b/package-lock.json @@ -25,10 +25,10 @@ "@types/uuid": "9.0.8", "@typescript-eslint/eslint-plugin": "8.59.2", "@typescript-eslint/parser": "8.59.2", - "cross-env": "^10.1.0", + "cross-env": "10.1.0", "esbuild": "0.25.1", "eslint": "9.39.4", - "eslint-import-resolver-typescript": "^4.4.4", + "eslint-import-resolver-typescript": "4.4.4", "eslint-plugin-github": "6.0.0", "eslint-plugin-jest": "29.15.2", "globals": "16.5.0", diff --git a/package.json b/package.json index 3f7353af..db092314 100644 --- a/package.json +++ b/package.json @@ -21,10 +21,10 @@ "@types/uuid": "9.0.8", "@typescript-eslint/eslint-plugin": "8.59.2", "@typescript-eslint/parser": "8.59.2", - "cross-env": "^10.1.0", + "cross-env": "10.1.0", "esbuild": "0.25.1", "eslint": "9.39.4", - "eslint-import-resolver-typescript": "^4.4.4", + "eslint-import-resolver-typescript": "4.4.4", "eslint-plugin-github": "6.0.0", "eslint-plugin-jest": "29.15.2", "globals": "16.5.0",