diff --git a/.github/workflows/command-compile.yml b/.github/workflows/command-compile.yml index d2a4fdc6448..c1051fdb180 100644 --- a/.github/workflows/command-compile.yml +++ b/.github/workflows/command-compile.yml @@ -18,7 +18,7 @@ jobs: steps: - name: Check actor permission - uses: skjnldsv/check-actor-permission@e591dbfe838300c007028e1219ca82cc26e8d7c5 # v2 + uses: skjnldsv/check-actor-permission@e591dbfe838300c007028e1219ca82cc26e8d7c5 # v2.1 with: require: write @@ -31,7 +31,7 @@ jobs: reactions: "+1" - name: Parse command - uses: skjnldsv/parse-command-comment@7cef1df370a99dfd5bf896d50121390c96785db8 # v2 + uses: skjnldsv/parse-command-comment@7cef1df370a99dfd5bf896d50121390c96785db8 # v2.0 id: command # Init path depending on which command is run @@ -73,7 +73,7 @@ jobs: fallbackNpm: '^6' - name: Set up node ${{ steps.package-engines-versions.outputs.nodeVersion }} - uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 with: node-version: ${{ steps.package-engines-versions.outputs.nodeVersion }} cache: npm diff --git a/.github/workflows/cypress.yml b/.github/workflows/cypress.yml index 33c7c04b0a3..853e89d2c96 100644 --- a/.github/workflows/cypress.yml +++ b/.github/workflows/cypress.yml @@ -27,7 +27,7 @@ jobs: - name: Check composer.json id: check_composer - uses: andstor/file-existence-action@20b4d2e596410855db8f9ca21e96fbe18e12930b # v2 + uses: andstor/file-existence-action@20b4d2e596410855db8f9ca21e96fbe18e12930b # v2.0.0 with: files: "composer.json" diff --git a/.github/workflows/dependabot-approve-merge.yml b/.github/workflows/dependabot-approve-merge.yml index 9951547f76a..298d76ed8ec 100644 --- a/.github/workflows/dependabot-approve-merge.yml +++ b/.github/workflows/dependabot-approve-merge.yml @@ -34,7 +34,7 @@ jobs: github-token: ${{ secrets.GITHUB_TOKEN }} # Nextcloud bot approve and merge request - - uses: ahmadnassri/action-dependabot-auto-merge@45fc124d949b19b6b8bf6645b6c9d55f4f9ac61a # v2 + - uses: ahmadnassri/action-dependabot-auto-merge@45fc124d949b19b6b8bf6645b6c9d55f4f9ac61a # v2.6.6 with: target: minor github-token: ${{ secrets.DEPENDABOT_AUTOMERGE_TOKEN }} diff --git a/.github/workflows/ftp.yml b/.github/workflows/ftp.yml index fa4c52ce67d..dfd82f7b7e7 100644 --- a/.github/workflows/ftp.yml +++ b/.github/workflows/ftp.yml @@ -30,7 +30,7 @@ jobs: steps: - name: Checkout server - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: submodules: true @@ -42,7 +42,7 @@ jobs: if [[ "${{ matrix.ftpd }}" == 'vsftpd' ]]; then docker run --name ftp -d --net host -e FTP_USER=test -e FTP_PASS=test -e PASV_ADDRESS=127.0.0.1 -v /tmp/ftp:/home/vsftpd/test fauria/vsftpd; fi if [[ "${{ matrix.ftpd }}" == 'pure-ftpd' ]]; then docker run --name ftp -d --net host -e "PUBLICHOST=localhost" -e FTP_USER_NAME=test -e FTP_USER_PASS=test -e FTP_USER_HOME=/home/test -v /tmp/ftp2:/home/test -v /tmp/ftp2:/etc/pure-ftpd/passwd stilliard/pure-ftpd; fi - name: Set up php ${{ matrix.php-versions }} - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0 with: php-version: ${{ matrix.php-versions }} tools: phpunit:9 diff --git a/.github/workflows/lint-eslint.yml b/.github/workflows/lint-eslint.yml index 3d2e4d9a5ac..6ad51b50245 100644 --- a/.github/workflows/lint-eslint.yml +++ b/.github/workflows/lint-eslint.yml @@ -40,7 +40,7 @@ jobs: fallbackNpm: '^6' - name: Set up node ${{ steps.versions.outputs.nodeVersion }} - uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 with: node-version: ${{ steps.versions.outputs.nodeVersion }} diff --git a/.github/workflows/node-tests.yml b/.github/workflows/node-tests.yml index 265c53cf746..71eb58977ad 100644 --- a/.github/workflows/node-tests.yml +++ b/.github/workflows/node-tests.yml @@ -19,10 +19,10 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 - name: Read package.json node and npm engines version - uses: skjnldsv/read-package-engines-version-actions@v1.1 + uses: skjnldsv/read-package-engines-version-actions@1e2f46e78e31476bc71ebd909105e6e033d5a6f4 # v1.1 id: versions with: fallbackNode: '^12' @@ -34,10 +34,10 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 - name: Set up node ${{ needs.versions.outputs.nodeVersion }} - uses: actions/setup-node@v2 + uses: actions/setup-node@7c12f8017d5436eb855f1ed4399f037a36fbd9e8 # v2.5.2 with: node-version: ${{ needs.versions.outputs.nodeVersion }} @@ -56,10 +56,10 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 - name: Set up node ${{ needs.versions.outputs.nodeVersion }} - uses: actions/setup-node@v2 + uses: actions/setup-node@7c12f8017d5436eb855f1ed4399f037a36fbd9e8 # v2.5.2 with: node-version: ${{ needs.versions.outputs.nodeVersion }} @@ -78,10 +78,10 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 - name: Set up node ${{ needs.versions.outputs.nodeVersion }} - uses: actions/setup-node@v2 + uses: actions/setup-node@7c12f8017d5436eb855f1ed4399f037a36fbd9e8 # v2.5.2 with: node-version: ${{ needs.versions.outputs.nodeVersion }} diff --git a/.github/workflows/node.yml b/.github/workflows/node.yml index d994489603d..859b3f56ab0 100644 --- a/.github/workflows/node.yml +++ b/.github/workflows/node.yml @@ -47,7 +47,7 @@ jobs: fallbackNpm: '^6' - name: Set up node ${{ steps.versions.outputs.nodeVersion }} - uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 with: node-version: ${{ steps.versions.outputs.nodeVersion }} diff --git a/.github/workflows/oci.yml b/.github/workflows/oci.yml index e818a9660d9..ded205a75e4 100644 --- a/.github/workflows/oci.yml +++ b/.github/workflows/oci.yml @@ -42,12 +42,12 @@ jobs: steps: - name: Checkout server - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: submodules: true - name: Set up php ${{ matrix.php-versions }} - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0 with: php-version: ${{ matrix.php-versions }} extensions: ctype, curl, dom, fileinfo, gd, imagick, intl, json, mbstring, oci8, openssl, pcntl, pdo_sqlite, posix, sqlite, xml, zip diff --git a/.github/workflows/performance.yml b/.github/workflows/performance.yml index 65be747ce73..4ffc6fa95aa 100644 --- a/.github/workflows/performance.yml +++ b/.github/workflows/performance.yml @@ -17,13 +17,13 @@ jobs: steps: - name: Checkout server before PR - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: submodules: true ref: ${{ github.event.pull_request.base.ref }} - name: Set up php ${{ matrix.php-versions }} - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0 with: php-version: ${{ matrix.php-versions }} tools: phpunit:9 @@ -38,7 +38,7 @@ jobs: php -S localhost:8080 & - name: Apply blueprint - uses: icewind1991/blueprint@v0.1.2 + uses: icewind1991/blueprint@00504403f76cb2a09efd0d16793575055e6f63cb # v0.1.2 with: blueprint: tests/blueprints/basic.toml ref: ${{ github.event.pull_request.head.ref }} @@ -86,7 +86,7 @@ jobs: before.json after.json - - uses: actions/github-script@v5 + - uses: actions/github-script@211cb3fefb35a799baa5156f9321bb774fe56294 # v5.2.0 if: failure() && steps.compare.outcome == 'failure' with: github-token: ${{secrets.GITHUB_TOKEN}} diff --git a/.github/workflows/phpunit-32bits.yml b/.github/workflows/phpunit-32bits.yml index 5458b8696db..3646084735f 100644 --- a/.github/workflows/phpunit-32bits.yml +++ b/.github/workflows/phpunit-32bits.yml @@ -26,7 +26,7 @@ jobs: steps: - name: Checkout server - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: submodules: true diff --git a/.github/workflows/s3-external.yml b/.github/workflows/s3-external.yml index a987f8a3f67..f8e184173ab 100644 --- a/.github/workflows/s3-external.yml +++ b/.github/workflows/s3-external.yml @@ -38,12 +38,12 @@ jobs: steps: - name: Checkout server - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: submodules: true - name: Set up php ${{ matrix.php-versions }} - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0 with: php-version: ${{ matrix.php-versions }} tools: phpunit:9 @@ -91,12 +91,12 @@ jobs: steps: - name: Checkout server - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: submodules: true - name: Set up php ${{ matrix.php-versions }} - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0 with: php-version: ${{ matrix.php-versions }} tools: phpunit:9 diff --git a/.github/workflows/s3-primary-integration.yml b/.github/workflows/s3-primary-integration.yml index 5785cc858b4..48adf13fe21 100644 --- a/.github/workflows/s3-primary-integration.yml +++ b/.github/workflows/s3-primary-integration.yml @@ -34,12 +34,12 @@ jobs: steps: - name: Checkout server - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: submodules: true - name: Set up php ${{ matrix.php-versions }} - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0 with: php-version: ${{ matrix.php-versions }} tools: phpunit:9 diff --git a/.github/workflows/s3-primary.yml b/.github/workflows/s3-primary.yml index 9b4269d737b..7904712b60e 100644 --- a/.github/workflows/s3-primary.yml +++ b/.github/workflows/s3-primary.yml @@ -32,12 +32,12 @@ jobs: steps: - name: Checkout server - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: submodules: true - name: Set up php ${{ matrix.php-versions }} - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0 with: php-version: ${{ matrix.php-versions }} tools: phpunit:9 diff --git a/.github/workflows/sftp.yml b/.github/workflows/sftp.yml index 939372a53d2..cc6b4bb8539 100644 --- a/.github/workflows/sftp.yml +++ b/.github/workflows/sftp.yml @@ -30,7 +30,7 @@ jobs: steps: - name: Checkout server - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: submodules: true diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 29e680b4698..3246039a03e 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -15,7 +15,7 @@ jobs: issues: write steps: - - uses: actions/stale@v5 + - uses: actions/stale@f7176fd3007623b69d27091f9b9d4ab7995f0a06 # v5.2.1 with: repo-token: ${{ secrets.COMMAND_BOT_PAT }} stale-issue-message: > diff --git a/.github/workflows/static-code-analysis.yml b/.github/workflows/static-code-analysis.yml index cda55ab4c4c..1b34261fec7 100644 --- a/.github/workflows/static-code-analysis.yml +++ b/.github/workflows/static-code-analysis.yml @@ -15,12 +15,12 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: submodules: true - name: Set up php - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0 with: php-version: '8.0' extensions: apcu,ctype,curl,dom,fileinfo,ftp,gd,imagick,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip @@ -40,7 +40,7 @@ jobs: - name: Upload Analysis results to GitHub if: always() - uses: github/codeql-action/upload-sarif@v2 + uses: github/codeql-action/upload-sarif@b8d3b6e8af63cde30bdc382c0bc28114f4346c88 # v2.28.1 with: sarif_file: results.sarif @@ -49,12 +49,12 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: submodules: true - name: Set up php - uses: shivammathur/setup-php@master + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0 with: php-version: '8.0' extensions: ctype,curl,dom,fileinfo,gd,imagick,intl,json,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip @@ -68,7 +68,7 @@ jobs: - name: Upload Security Analysis results to GitHub if: always() - uses: github/codeql-action/upload-sarif@v2 + uses: github/codeql-action/upload-sarif@b8d3b6e8af63cde30bdc382c0bc28114f4346c88 # v2.28.1 with: sarif_file: results.sarif @@ -77,12 +77,12 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: submodules: true - name: Set up php - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0 with: php-version: '8.0' extensions: ctype,curl,dom,fileinfo,gd,imagick,intl,json,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip diff --git a/.github/workflows/update-cacert-bundle.yml b/.github/workflows/update-cacert-bundle.yml index 8d0e9d79d52..225e0267f84 100644 --- a/.github/workflows/update-cacert-bundle.yml +++ b/.github/workflows/update-cacert-bundle.yml @@ -17,7 +17,7 @@ jobs: name: update-ca-certificate-bundle-${{ matrix.branches }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: ref: ${{ matrix.branches }} submodules: true @@ -26,7 +26,7 @@ jobs: run: curl --etag-compare build/ca-bundle-etag.txt --etag-save build/ca-bundle-etag.txt --output resources/config/ca-bundle.crt https://curl.se/ca/cacert.pem - name: Create Pull Request - uses: peter-evans/create-pull-request@v3 + uses: peter-evans/create-pull-request@18f7dc018cc2cd597073088f7c7591b9d1c02672 # v3.14.0 with: token: ${{ secrets.COMMAND_BOT_PAT }} commit-message: Update CA certificate bundle diff --git a/.github/workflows/update-psalm-baseline.yml b/.github/workflows/update-psalm-baseline.yml index 1c0186f1ff7..1a25138ee49 100644 --- a/.github/workflows/update-psalm-baseline.yml +++ b/.github/workflows/update-psalm-baseline.yml @@ -19,13 +19,13 @@ jobs: name: update-psalm-baseline-${{ matrix.branches }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: ref: ${{ matrix.branches }} submodules: true - name: Set up php - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0 with: php-version: '8.0' extensions: ctype,curl,dom,fileinfo,gd,intl,json,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip @@ -50,7 +50,7 @@ jobs: git checkout composer.json composer.lock lib/composer - name: Create Pull Request - uses: peter-evans/create-pull-request@v4 + uses: peter-evans/create-pull-request@38e0b6e68b4c852a5500a94740f0e535e0d7ba54 # v4.2.4 with: token: ${{ secrets.COMMAND_BOT_PAT }} commit-message: Update psalm baseline