diff --git a/.github/workflows/acceptance-tests.yml b/.github/workflows/acceptance-tests.yml index 3818f2ebe..86a54cfce 100644 --- a/.github/workflows/acceptance-tests.yml +++ b/.github/workflows/acceptance-tests.yml @@ -12,7 +12,7 @@ jobs: - name: Check out with: persist-credentials: false - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 - uses: jdx/mise-action@e6a8b3978addb5a52f2b4cd9d91eafa7f0ab959d # v4.2.0 with: version: v2026.6.10 diff --git a/.github/workflows/api-diff.yml b/.github/workflows/api-diff.yml index 2a74afa7a..35f39fe4e 100644 --- a/.github/workflows/api-diff.yml +++ b/.github/workflows/api-diff.yml @@ -33,7 +33,7 @@ jobs: ${{ contains(github.event.pull_request.labels.*.name, 'breaking-api-change-accepted') }} steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: persist-credentials: false - uses: jdx/mise-action@e6a8b3978addb5a52f2b4cd9d91eafa7f0ab959d # v4.2.0 diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ce7d06f44..12ad302b9 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -9,7 +9,7 @@ jobs: build: runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: persist-credentials: false - uses: jdx/mise-action@e6a8b3978addb5a52f2b4cd9d91eafa7f0ab959d # v4.2.0 diff --git a/.github/workflows/bump-api-diff-baseline.yml b/.github/workflows/bump-api-diff-baseline.yml index db2ccfc84..8b874b4a4 100644 --- a/.github/workflows/bump-api-diff-baseline.yml +++ b/.github/workflows/bump-api-diff-baseline.yml @@ -29,7 +29,7 @@ jobs: permissions: contents: write # push to the snapshot PR branch steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: ref: ${{ env.SNAPSHOT_BRANCH }} persist-credentials: true diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 188cbbb11..ec5216049 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -21,7 +21,7 @@ jobs: security-events: write # required for github/codeql-action/analyze to upload SARIF steps: - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: persist-credentials: false diff --git a/.github/workflows/generate-protobuf.yml b/.github/workflows/generate-protobuf.yml index a87b12608..0f4ad5a7a 100644 --- a/.github/workflows/generate-protobuf.yml +++ b/.github/workflows/generate-protobuf.yml @@ -14,7 +14,7 @@ jobs: permissions: contents: read # checkout + read-only `git fetch origin main` for the verify step steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: ref: ${{ github.ref }} persist-credentials: false @@ -66,7 +66,7 @@ jobs: permissions: contents: write # push regenerated sources back to the renovate branch steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: ref: ${{ github.ref }} # zizmor: ignore[artipacked] -- needs credentials to push diff --git a/.github/workflows/github-pages.yaml b/.github/workflows/github-pages.yaml index f53cbb908..ed13e6685 100644 --- a/.github/workflows/github-pages.yaml +++ b/.github/workflows/github-pages.yaml @@ -32,7 +32,7 @@ jobs: if: github.repository == 'prometheus/client_java' runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: persist-credentials: false fetch-tags: "true" diff --git a/.github/workflows/java-version-matrix-tests.yml b/.github/workflows/java-version-matrix-tests.yml index 22fdda1db..dd5ab2db5 100644 --- a/.github/workflows/java-version-matrix-tests.yml +++ b/.github/workflows/java-version-matrix-tests.yml @@ -26,7 +26,7 @@ jobs: java-version: [8, 11, 17, 21, 25] steps: - name: Check out - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/jmx-exporter-compatibility.yml b/.github/workflows/jmx-exporter-compatibility.yml index c1c437e1d..f8f2053ab 100644 --- a/.github/workflows/jmx-exporter-compatibility.yml +++ b/.github/workflows/jmx-exporter-compatibility.yml @@ -19,7 +19,7 @@ jobs: jmx-exporter-compatibility: runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: persist-credentials: false - uses: jdx/mise-action@e6a8b3978addb5a52f2b4cd9d91eafa7f0ab959d # v4.2.0 diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 4c704379e..08d4c336e 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -15,7 +15,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false fetch-depth: 0 # needed for git diff --merge-base in lint:links diff --git a/.github/workflows/micrometer-compatibility.yml b/.github/workflows/micrometer-compatibility.yml index 818fe2552..e00b86645 100644 --- a/.github/workflows/micrometer-compatibility.yml +++ b/.github/workflows/micrometer-compatibility.yml @@ -27,7 +27,7 @@ jobs: # renovate: datasource=git-refs depName=zeitlinger/micrometer packageName=https://github.com/zeitlinger/micrometer currentValue=feat/prom-client-java-typed-family-descriptor ref: 8f90b70807f5a063c592e3b17ef3b908be894086 steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false - uses: jdx/mise-action@e6a8b3978addb5a52f2b4cd9d91eafa7f0ab959d # v4.2.0 diff --git a/.github/workflows/multi-version-test.yml b/.github/workflows/multi-version-test.yml index 1519b08f0..699029c30 100644 --- a/.github/workflows/multi-version-test.yml +++ b/.github/workflows/multi-version-test.yml @@ -15,7 +15,7 @@ jobs: java: [17, 21, 25] steps: - name: Check out - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: persist-credentials: false diff --git a/.github/workflows/native-tests.yml b/.github/workflows/native-tests.yml index 2ba165cfe..a3d59fe93 100644 --- a/.github/workflows/native-tests.yml +++ b/.github/workflows/native-tests.yml @@ -12,7 +12,7 @@ jobs: - name: Check out with: persist-credentials: false - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 - uses: jdx/mise-action@e6a8b3978addb5a52f2b4cd9d91eafa7f0ab959d # v4.2.0 with: version: v2026.6.10 diff --git a/.github/workflows/nightly-benchmarks.yml b/.github/workflows/nightly-benchmarks.yml index 058c45a63..c02c466c5 100644 --- a/.github/workflows/nightly-benchmarks.yml +++ b/.github/workflows/nightly-benchmarks.yml @@ -28,7 +28,7 @@ jobs: contents: read # checkout only steps: - name: Checkout main branch - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false fetch-depth: 0 @@ -75,7 +75,7 @@ jobs: contents: write # push generated results to the benchmarks branch steps: - name: Checkout - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: # zizmor: ignore[artipacked] -- needs credentials to push to benchmarks branch persist-credentials: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 437d943ad..8ef07cfb2 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -64,7 +64,7 @@ jobs: "If the GPG Key Expired" fi - name: Checkout Plugin Repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: ref: ${{ inputs.tag }} persist-credentials: false diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 56bdd6d1b..d4dda252c 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -22,7 +22,7 @@ jobs: id-token: write # required by scorecard-action for OIDC token steps: - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: persist-credentials: false diff --git a/.github/workflows/test-release-build.yml b/.github/workflows/test-release-build.yml index 3bf6257ea..38cc43ba5 100644 --- a/.github/workflows/test-release-build.yml +++ b/.github/workflows/test-release-build.yml @@ -13,7 +13,7 @@ jobs: build: runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: persist-credentials: false fetch-tags: "true"