diff --git a/.github/workflows/cd-deploy-nodes-gcp.yml b/.github/workflows/cd-deploy-nodes-gcp.yml index 70caeb13ac0..daecd1c4d68 100644 --- a/.github/workflows/cd-deploy-nodes-gcp.yml +++ b/.github/workflows/cd-deploy-nodes-gcp.yml @@ -203,7 +203,7 @@ jobs: if: ${{ !cancelled() && !failure() && ((github.event_name == 'push' && github.ref_name == 'main') || github.event_name == 'release') }} steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 with: persist-credentials: false @@ -226,7 +226,7 @@ jobs: # Setup gcloud CLI - name: Authenticate to Google Cloud id: auth - uses: google-github-actions/auth@v2.1.1 + uses: google-github-actions/auth@v2.1.2 with: retries: '3' workload_identity_provider: '${{ vars.GCP_WIF }}' @@ -305,7 +305,7 @@ jobs: if: github.event_name == 'workflow_dispatch' steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 with: persist-credentials: false @@ -328,7 +328,7 @@ jobs: # Setup gcloud CLI - name: Authenticate to Google Cloud id: auth - uses: google-github-actions/auth@v2.1.1 + uses: google-github-actions/auth@v2.1.2 with: retries: '3' workload_identity_provider: '${{ vars.GCP_WIF }}' diff --git a/.github/workflows/chore-delete-gcp-resources.yml b/.github/workflows/chore-delete-gcp-resources.yml index a623037059b..43ac4ed3973 100644 --- a/.github/workflows/chore-delete-gcp-resources.yml +++ b/.github/workflows/chore-delete-gcp-resources.yml @@ -39,14 +39,14 @@ jobs: contents: 'read' id-token: 'write' steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 with: persist-credentials: false # Setup gcloud CLI - name: Authenticate to Google Cloud id: auth - uses: google-github-actions/auth@v2.1.1 + uses: google-github-actions/auth@v2.1.2 with: retries: '3' workload_identity_provider: '${{ vars.GCP_WIF }}' @@ -107,14 +107,14 @@ jobs: contents: 'read' id-token: 'write' steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 with: persist-credentials: false # Setup gcloud CLI - name: Authenticate to Google Cloud id: auth - uses: google-github-actions/auth@v2.1.1 + uses: google-github-actions/auth@v2.1.2 with: retries: '3' workload_identity_provider: '${{ vars.GCP_WIF }}' @@ -122,7 +122,7 @@ jobs: token_format: 'access_token' - name: Login to Google Artifact Registry - uses: docker/login-action@v3.0.0 + uses: docker/login-action@v3.1.0 with: registry: us-docker.pkg.dev username: oauth2accesstoken diff --git a/.github/workflows/chore-project-management.yml b/.github/workflows/chore-project-management.yml index 4825e353c94..347bb902a41 100644 --- a/.github/workflows/chore-project-management.yml +++ b/.github/workflows/chore-project-management.yml @@ -18,7 +18,7 @@ jobs: name: Adds all new issues to the "Zebra Backlog" Github project runs-on: ubuntu-latest steps: - - uses: actions/add-to-project@v0.5.0 + - uses: actions/add-to-project@v1.0.1 with: project-url: https://github.com/orgs/ZcashFoundation/projects/9 # TODO: use a PAT from a `bot` account we create for the organization @@ -29,7 +29,7 @@ jobs: name: Adds all new issues to the "ZF Engineering Backlog" Github project runs-on: ubuntu-latest steps: - - uses: actions/add-to-project@v0.5.0 + - uses: actions/add-to-project@v1.0.1 with: project-url: https://github.com/orgs/ZcashFoundation/projects/13 # TODO: use a PAT from a `bot` account we create for the organization diff --git a/.github/workflows/ci-build-crates.patch.yml b/.github/workflows/ci-build-crates.patch.yml index 58d8f8210d1..6c65b04c8f9 100644 --- a/.github/workflows/ci-build-crates.patch.yml +++ b/.github/workflows/ci-build-crates.patch.yml @@ -23,7 +23,7 @@ jobs: outputs: matrix: ${{ steps.set-matrix.outputs.matrix }} steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 # Setup Rust with stable toolchain and minimal profile - name: Setup Rust diff --git a/.github/workflows/ci-build-crates.yml b/.github/workflows/ci-build-crates.yml index 5347eee6b29..9ec449257ea 100644 --- a/.github/workflows/ci-build-crates.yml +++ b/.github/workflows/ci-build-crates.yml @@ -60,7 +60,7 @@ jobs: outputs: matrix: ${{ steps.set-matrix.outputs.matrix }} steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 - uses: r7kamura/rust-problem-matchers@v1.4.0 # Setup Rust with stable toolchain and minimal profile @@ -122,7 +122,7 @@ jobs: matrix: ${{ fromJson(needs.matrix.outputs.matrix) }} steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 with: persist-credentials: false - uses: r7kamura/rust-problem-matchers@v1.4.0 diff --git a/.github/workflows/ci-coverage.yml b/.github/workflows/ci-coverage.yml index b1bea8bfc69..13781ce1ffe 100644 --- a/.github/workflows/ci-coverage.yml +++ b/.github/workflows/ci-coverage.yml @@ -69,7 +69,7 @@ jobs: runs-on: ubuntu-latest-xl steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 with: persist-credentials: false @@ -103,4 +103,4 @@ jobs: run: cargo llvm-cov --lcov --no-run --output-path lcov.info - name: Upload coverage report to Codecov - uses: codecov/codecov-action@v4.0.1 + uses: codecov/codecov-action@v4.3.0 diff --git a/.github/workflows/ci-lint.yml b/.github/workflows/ci-lint.yml index c80c9f32850..f23059298f2 100644 --- a/.github/workflows/ci-lint.yml +++ b/.github/workflows/ci-lint.yml @@ -37,14 +37,14 @@ jobs: rust: ${{ steps.changed-files-rust.outputs.any_changed == 'true' }} workflows: ${{ steps.changed-files-workflows.outputs.any_changed == 'true' }} steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 with: persist-credentials: false fetch-depth: 0 - name: Rust files id: changed-files-rust - uses: tj-actions/changed-files@v42.0.4 + uses: tj-actions/changed-files@v44.3.0 with: files: | **/*.rs @@ -56,7 +56,7 @@ jobs: - name: Workflow files id: changed-files-workflows - uses: tj-actions/changed-files@v42.0.4 + uses: tj-actions/changed-files@v44.3.0 with: files: | .github/workflows/*.yml @@ -69,7 +69,7 @@ jobs: if: ${{ needs.changed-files.outputs.rust == 'true' }} steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 with: persist-credentials: false @@ -119,7 +119,7 @@ jobs: if: ${{ needs.changed-files.outputs.rust == 'true' }} steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 with: persist-credentials: false - uses: r7kamura/rust-problem-matchers@v1.4.0 @@ -149,9 +149,9 @@ jobs: needs: changed-files if: ${{ needs.changed-files.outputs.workflows == 'true' }} steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 - name: actionlint - uses: reviewdog/action-actionlint@v1.41.0 + uses: reviewdog/action-actionlint@v1.44.0 with: level: warning fail_on_error: false @@ -166,7 +166,7 @@ jobs: runs-on: ubuntu-latest needs: changed-files steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 - uses: codespell-project/actions-codespell@v2.0 with: only_warn: 1 diff --git a/.github/workflows/ci-unit-tests-os.yml b/.github/workflows/ci-unit-tests-os.yml index 1862e4b041a..50f76e22247 100644 --- a/.github/workflows/ci-unit-tests-os.yml +++ b/.github/workflows/ci-unit-tests-os.yml @@ -95,7 +95,7 @@ jobs: rust: beta steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 with: persist-credentials: false - uses: r7kamura/rust-problem-matchers@v1.4.0 @@ -184,7 +184,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 with: persist-credentials: false - uses: r7kamura/rust-problem-matchers@v1.4.0 @@ -206,7 +206,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 with: persist-credentials: false - uses: r7kamura/rust-problem-matchers@v1.4.0 @@ -249,7 +249,7 @@ jobs: continue-on-error: ${{ matrix.checks == 'advisories' }} steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 with: persist-credentials: false - uses: r7kamura/rust-problem-matchers@v1.4.0 @@ -270,7 +270,7 @@ jobs: steps: - name: Checkout git repository - uses: actions/checkout@v4.1.1 + uses: actions/checkout@v4.1.3 with: persist-credentials: false - uses: r7kamura/rust-problem-matchers@v1.4.0 @@ -281,7 +281,7 @@ jobs: curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain=stable --profile=minimal - name: Install cargo-machete - uses: baptiste0928/cargo-install@v3.0.0 + uses: baptiste0928/cargo-install@v3.1.0 with: crate: cargo-machete diff --git a/.github/workflows/docs-deploy-firebase.yml b/.github/workflows/docs-deploy-firebase.yml index 71cdd2927e2..162c2a947c4 100644 --- a/.github/workflows/docs-deploy-firebase.yml +++ b/.github/workflows/docs-deploy-firebase.yml @@ -85,7 +85,7 @@ jobs: pull-requests: write steps: - name: Checkout the source code - uses: actions/checkout@v4.1.1 + uses: actions/checkout@v4.1.3 with: persist-credentials: false @@ -106,7 +106,7 @@ jobs: # Setup gcloud CLI - name: Authenticate to Google Cloud id: auth - uses: google-github-actions/auth@v2.1.1 + uses: google-github-actions/auth@v2.1.2 with: retries: '3' workload_identity_provider: '${{ vars.GCP_WIF }}' @@ -139,7 +139,7 @@ jobs: pull-requests: write steps: - name: Checkout the source code - uses: actions/checkout@v4.1.1 + uses: actions/checkout@v4.1.3 with: persist-credentials: false @@ -165,7 +165,7 @@ jobs: # Setup gcloud CLI - name: Authenticate to Google Cloud id: auth - uses: google-github-actions/auth@v2.1.1 + uses: google-github-actions/auth@v2.1.2 with: retries: '3' workload_identity_provider: '${{ vars.GCP_WIF }}' diff --git a/.github/workflows/docs-dockerhub-description.yml b/.github/workflows/docs-dockerhub-description.yml index 010e3ef9f7c..07e67c66e51 100644 --- a/.github/workflows/docs-dockerhub-description.yml +++ b/.github/workflows/docs-dockerhub-description.yml @@ -17,7 +17,7 @@ jobs: dockerHubDescription: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 with: persist-credentials: false diff --git a/.github/workflows/manual-zcashd-deploy.yml b/.github/workflows/manual-zcashd-deploy.yml index 9b84c5f5360..f9553a5a4b1 100644 --- a/.github/workflows/manual-zcashd-deploy.yml +++ b/.github/workflows/manual-zcashd-deploy.yml @@ -29,7 +29,7 @@ jobs: id-token: 'write' steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 with: persist-credentials: false @@ -52,7 +52,7 @@ jobs: # Setup gcloud CLI - name: Authenticate to Google Cloud id: auth - uses: google-github-actions/auth@v2.1.1 + uses: google-github-actions/auth@v2.1.2 with: retries: '3' workload_identity_provider: '${{ vars.GCP_WIF }}' diff --git a/.github/workflows/release-crates-io.yml b/.github/workflows/release-crates-io.yml index 471ed9e3fc3..86457a046ca 100644 --- a/.github/workflows/release-crates-io.yml +++ b/.github/workflows/release-crates-io.yml @@ -70,7 +70,7 @@ jobs: - uses: r7kamura/rust-problem-matchers@v1.4.0 - name: Checkout git repository - uses: actions/checkout@v4.1.1 + uses: actions/checkout@v4.1.3 with: persist-credentials: false @@ -85,7 +85,7 @@ jobs: curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain=stable --profile=minimal - name: Install cargo-release - uses: baptiste0928/cargo-install@v3.0.0 + uses: baptiste0928/cargo-install@v3.1.0 with: crate: cargo-release diff --git a/.github/workflows/sub-build-docker-image.yml b/.github/workflows/sub-build-docker-image.yml index e804158cd12..a97ab8f8abd 100644 --- a/.github/workflows/sub-build-docker-image.yml +++ b/.github/workflows/sub-build-docker-image.yml @@ -76,7 +76,7 @@ jobs: contents: 'read' id-token: 'write' steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 with: persist-credentials: false - uses: r7kamura/rust-problem-matchers@v1.4.0 @@ -125,7 +125,7 @@ jobs: - name: Authenticate to Google Cloud id: auth - uses: google-github-actions/auth@v2.1.1 + uses: google-github-actions/auth@v2.1.2 with: retries: '3' workload_identity_provider: '${{ vars.GCP_WIF }}' @@ -137,7 +137,7 @@ jobs: access_token_lifetime: 10800s - name: Login to Google Artifact Registry - uses: docker/login-action@v3.0.0 + uses: docker/login-action@v3.1.0 with: registry: us-docker.pkg.dev username: oauth2accesstoken @@ -147,7 +147,7 @@ jobs: # We only publish images to DockerHub if a release is not a pre-release # Ref: https://github.com/orgs/community/discussions/26281#discussioncomment-3251177 if: ${{ github.event_name == 'release' && !github.event.release.prerelease }} - uses: docker/login-action@v3.0.0 + uses: docker/login-action@v3.1.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} @@ -155,7 +155,7 @@ jobs: # Build and push image to Google Artifact Registry, and possibly DockerHub - name: Build & push id: docker_build - uses: docker/build-push-action@v5.1.0 + uses: docker/build-push-action@v5.3.0 with: target: ${{ inputs.dockerfile_target }} context: . diff --git a/.github/workflows/sub-build-lightwalletd.yml b/.github/workflows/sub-build-lightwalletd.yml index 258a2f0052f..571b23d084f 100644 --- a/.github/workflows/sub-build-lightwalletd.yml +++ b/.github/workflows/sub-build-lightwalletd.yml @@ -56,14 +56,14 @@ jobs: id-token: 'write' steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 with: # Note: check service.proto when modifying lightwalletd repo repository: zcash/lightwalletd ref: 'v0.4.16' persist-credentials: false - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 with: path: zebra persist-credentials: false @@ -111,7 +111,7 @@ jobs: # Setup gcloud CLI - name: Authenticate to Google Cloud id: auth - uses: google-github-actions/auth@v2.1.1 + uses: google-github-actions/auth@v2.1.2 with: retries: '3' workload_identity_provider: '${{ vars.GCP_WIF }}' @@ -122,7 +122,7 @@ jobs: uses: google-github-actions/setup-gcloud@v2.1.0 - name: Login to Google Artifact Registry - uses: docker/login-action@v3.0.0 + uses: docker/login-action@v3.1.0 with: registry: us-docker.pkg.dev username: oauth2accesstoken @@ -131,7 +131,7 @@ jobs: # Build and push image to Google Artifact Registry - name: Build & push id: docker_build - uses: docker/build-push-action@v5.1.0 + uses: docker/build-push-action@v5.3.0 with: target: build context: . diff --git a/.github/workflows/sub-deploy-integration-tests-gcp.yml b/.github/workflows/sub-deploy-integration-tests-gcp.yml index e132f3ac8d6..fc33f51067b 100644 --- a/.github/workflows/sub-deploy-integration-tests-gcp.yml +++ b/.github/workflows/sub-deploy-integration-tests-gcp.yml @@ -118,7 +118,7 @@ jobs: contents: 'read' id-token: 'write' steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 with: persist-credentials: false fetch-depth: '2' @@ -150,7 +150,7 @@ jobs: # Setup gcloud CLI - name: Authenticate to Google Cloud id: auth - uses: google-github-actions/auth@v2.1.1 + uses: google-github-actions/auth@v2.1.2 with: retries: '3' workload_identity_provider: '${{ vars.GCP_WIF }}' @@ -403,7 +403,7 @@ jobs: contents: 'read' id-token: 'write' steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 with: persist-credentials: false fetch-depth: '2' @@ -447,7 +447,7 @@ jobs: # Setup gcloud CLI - name: Authenticate to Google Cloud id: auth - uses: google-github-actions/auth@v2.1.1 + uses: google-github-actions/auth@v2.1.2 with: workload_identity_provider: '${{ vars.GCP_WIF }}' service_account: '${{ vars.GCP_DEPLOYMENTS_SA }}' @@ -710,7 +710,7 @@ jobs: contents: 'read' id-token: 'write' steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 with: persist-credentials: false fetch-depth: '2' @@ -724,7 +724,7 @@ jobs: # Setup gcloud CLI - name: Authenticate to Google Cloud id: auth - uses: google-github-actions/auth@v2.1.1 + uses: google-github-actions/auth@v2.1.2 with: workload_identity_provider: '${{ vars.GCP_WIF }}' service_account: '${{ vars.GCP_DEPLOYMENTS_SA }}' diff --git a/.github/workflows/sub-find-cached-disks.yml b/.github/workflows/sub-find-cached-disks.yml index 35a48194097..bb6f3e22df4 100644 --- a/.github/workflows/sub-find-cached-disks.yml +++ b/.github/workflows/sub-find-cached-disks.yml @@ -37,7 +37,7 @@ jobs: contents: 'read' id-token: 'write' steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 with: persist-credentials: false fetch-depth: 0 @@ -45,7 +45,7 @@ jobs: # Setup gcloud CLI - name: Authenticate to Google Cloud id: auth - uses: google-github-actions/auth@v2.1.1 + uses: google-github-actions/auth@v2.1.2 with: retries: '3' workload_identity_provider: '${{ vars.GCP_WIF }}' diff --git a/.github/workflows/sub-test-zebra-config.yml b/.github/workflows/sub-test-zebra-config.yml index 85d2318dfa0..90d777fca8b 100644 --- a/.github/workflows/sub-test-zebra-config.yml +++ b/.github/workflows/sub-test-zebra-config.yml @@ -38,7 +38,7 @@ jobs: timeout-minutes: 30 runs-on: ubuntu-latest-m steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.3 with: persist-credentials: false