jmuelbert · jmuelbert · Sep 23, 2023 · Sep 4, 2023
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -63,7 +63,7 @@
     runs-on: ubuntu-latest
     steps:
       - name: "🧰 Checkout"
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           # Full git history is needed to get a proper list of changed files within `super-linter`
           fetch-depth: 0
@@ -90,7 +90,7 @@
     runs-on: ubuntu-latest
     steps:
       - name: "🧰 Checkout"
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           # Full git history is needed to get a proper
           # list of changed files within `super-linter`
@@ -154,7 +154,7 @@
           access_token: ${{ github.token }}
 
       - name: "🧰 Checkout"
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           # Full git history is needed to get a proper list of changed files within `super-linter`
           fetch-depth: 0
@@ -344,7 +344,7 @@
           echo ::set-output name=VERSION::"$(echo $GITHUB_REF | cut -d / -f 3)"
 
       - name: "🧰 Checkout"
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           # Full git history is needed to get a proper list of changed files within `super-linter`
           fetch-depth: 0
@@ -596,7 +596,7 @@
           access_token: ${{ github.token }}
 
       - name: "🧰 Checkout"
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           # Full git history is needed to get a proper list of changed files within `super-linter`
           fetch-depth: 0
@@ -653,7 +653,7 @@
           access_token: ${{ github.token }}
 
       - name: "🧰 Checkout"
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           # Full git history is needed to get a proper list of changed files within `super-linter`
           fetch-depth: 0
@@ -698,7 +698,7 @@
     needs: upload
     steps:
       - name: "🧰 Checkout"
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           # Full git history is needed to get a proper list of changed files within `super-linter`
           fetch-depth: 0
@@ -718,7 +718,7 @@
    needs: upload
    steps:
      - name: Build Changelog
        id: github_release
        uses: mikepenz/release-changelog-builder-action@v4
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

diff --git a/.github/workflows/codacy-analysis.yml b/.github/workflows/codacy-analysis.yml
@@ -14,7 +14,7 @@

 name: "Codacy Security Scan"

 on:
  push:
    branches: [main, develop]
    paths:
@@ -58,7 +58,7 @@
     steps:
       # Checkout the repository to the GitHub Actions runner
       - name: "🧰 Checkout"
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           # Full git history is needed to get a proper list of changed files within `super-linter`
           fetch-depth: 0

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -12,7 +12,7 @@
 #
 name: "CodeQL"

 on:
  push:
    branches: [main, develop]
    paths:
@@ -82,7 +82,7 @@
           access_token: ${{ github.token }}
 
       - name: "🧰 Checkout"
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           # Full git history is needed to get a proper list of changed files within `super-linter`
           fetch-depth: 0

diff --git a/.github/workflows/commitlint.yml b/.github/workflows/commitlint.yml
@@ -1,14 +1,14 @@
 ---
 name: commit-lint

 on: [push, pull_request]

 jobs:
  commit-lint:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: ahmadnassri/action-commit-lint@v2.1.16
         with:
           config: .github/linters/.commit-lint.yml
diff --git a/.github/workflows/defender-for-devops.yml b/.github/workflows/defender-for-devops.yml
@@ -16,9 +16,9 @@
 # and provide permission before this can report data back to azure.
 # Read the official documentation here : https://learn.microsoft.com/en-us/azure/defender-for-cloud/quickstart-onboard-github

 name: "Microsoft Defender For Devops"

 on:
  push:
    branches: ["main"]
  pull_request:
@@ -32,7 +32,7 @@
     runs-on: windows-latest
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: actions/setup-dotnet@v3
         with:
           dotnet-version: |

diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -4,8 +4,8 @@
 #
 # Source repository: https://github.com/actions/dependency-review-action
 # Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
 name: "Dependency Review"
 on: [pull_request]

 permissions:
  contents: read
@@ -15,6 +15,6 @@
     runs-on: ubuntu-latest
     steps:
       - name: "Checkout Repository"
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - name: "Dependency Review"
         uses: actions/dependency-review-action@v3
diff --git a/.github/workflows/devskim-analysis.yml b/.github/workflows/devskim-analysis.yml
@@ -6,7 +6,7 @@

 name: "DevSkim"

 on:
  push:
    branches: [main]

@@ -27,7 +27,7 @@
       security-events: write
     steps:
       - name: "🧰 Checkout"
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: "Run DevSkim scanner"
         uses: microsoft/DevSkim-Action@v1

diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
@@ -37,7 +37,7 @@ jobs:
 
     steps:
       - name: "🧰 Checkout"
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       # Install the cosign tool except on PR
       # https://github.com/sigstore/cosign-installer

diff --git a/.github/workflows/issues.yml b/.github/workflows/issues.yml
@@ -20,7 +20,7 @@ jobs:
     name: fastlane env reminder
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3.3.0
+      - uses: actions/checkout@v4
       - uses: fastlane/github-actions/fastlane-env-reminder@latest
         with:
           repo-token: "${{ secrets.GITHUB_TOKEN }}"
diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml
@@ -21,7 +21,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v3.3.0
+        uses: actions/checkout@v4
       - name: Run Labeler
         if: success()
         uses: crazy-max/ghaction-github-labeler@v4

diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml
@@ -28,7 +28,7 @@ jobs:
     steps:
       # Git Checkout
       - name: '🧰 Checkout'
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }}
           fetch-depth: 0

diff --git a/.github/workflows/misspell-fixer.yml b/.github/workflows/misspell-fixer.yml
@@ -19,7 +19,7 @@ jobs:
   misspell-fixer:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3.3.0
+      - uses: actions/checkout@v4
       - uses: sobolevn/misspell-fixer-action@master
       - name: "Check diff"
         run: git diff --exit-code ${{ github.sha }}

diff --git a/.github/workflows/ossar-analysis.yml b/.github/workflows/ossar-analysis.yml
@@ -34,7 +34,7 @@ jobs:
 
     steps:
       - name: "🧰 Checkout"
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           # Full git history is needed to get a proper list of changed files within `super-linter`
           fetch-depth: 0

diff --git a/.github/workflows/pages.yml b/.github/workflows/pages.yml
@@ -27,7 +27,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: "🧰 Checkout"
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           # Full git history is needed to get a proper list of changed files within `super-linter`
           fetch-depth: 0

diff --git a/.github/workflows/reuse-check.yml b/.github/workflows/reuse-check.yml
@@ -24,7 +24,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: "🧰 Checkout"
-        uses: actions/checkout@v3.3.0
+        uses: actions/checkout@v4
         with:
           # Full git history is needed to get a proper list of changed files within `super-linter`
           fetch-depth: 0

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -32,7 +32,7 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
+        uses: actions/checkout@v4 # v3.1.0
         with:
           persist-credentials: false
 

diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
@@ -32,7 +32,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       # Checkout project source
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       # Scan code using project's configuration on https://semgrep.dev/manage
       - uses: returntocorp/semgrep-action@0bdb313d58a33cb6fe166b1807f9f06885641184

diff --git a/.github/workflows/write-good.yml b/.github/workflows/write-good.yml
@@ -28,7 +28,7 @@ jobs:
     runs-on: ubuntu-latest
     name: A job to lint Markdown files
     steps:
-      - uses: actions/checkout@v3.3.0
+      - uses: actions/checkout@v4
       - name: write-good action step
         id: write-good
         uses: tomwhross/write-good-action@v1.6