diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 14bc7e4f36..d2e593c65f 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -31,7 +31,7 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Validate Gradle wrapper - uses: gradle/actions/wrapper-validation@af1da67850ed9a4cedd57bfd976089dd991e2582 # v4.0.0 + uses: gradle/actions/wrapper-validation@16bf8bc8fe830fa669c3c9f914d3eb147c629707 # v4.0.1 - name: Cache Gradle files uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 @@ -130,7 +130,7 @@ jobs: --name authenticator_play_firebase-creds.json --file ${{ github.workspace }}/secrets/authenticator_play_firebase-creds.json --output none - name: Validate Gradle wrapper - uses: gradle/actions/wrapper-validation@af1da67850ed9a4cedd57bfd976089dd991e2582 # v4.0.0 + uses: gradle/actions/wrapper-validation@16bf8bc8fe830fa669c3c9f914d3eb147c629707 # v4.0.1 - name: Cache Gradle files uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 @@ -187,7 +187,7 @@ jobs: - name: Upload release Play Store .aab artifact if: ${{ matrix.variant == 'aab' }} - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: com.bitwarden.authenticator.aab path: app/build/outputs/bundle/release/com.bitwarden.authenticator-release.aab @@ -195,7 +195,7 @@ jobs: - name: Upload release .apk artifact if: ${{ matrix.variant == 'apk' }} - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: com.bitwarden.authenticator.apk path: app/build/outputs/apk/release/com.bitwarden.authenticator-release.apk @@ -215,7 +215,7 @@ jobs: - name: Upload .apk SHA file for release if: ${{ matrix.variant == 'apk' }} - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: authenticator-android-apk-sha256.txt path: ./authenticator-android-apk-sha256.txt @@ -223,7 +223,7 @@ jobs: - name: Upload .aab SHA file for release if: ${{ matrix.variant == 'aab' }} - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: authenticator-android-aab-sha256.txt path: ./authenticator-android-aab-sha256.txt diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml index 5b404fd833..98297b0432 100644 --- a/.github/workflows/scan.yml +++ b/.github/workflows/scan.yml @@ -46,7 +46,7 @@ jobs: --output-path . ${{ env.INCREMENTAL }} - name: Upload Checkmarx results to GitHub - uses: github/codeql-action/upload-sarif@f0f3afee809481da311ca3a6ff1ff51d81dbeb24 # v3.26.4 + uses: github/codeql-action/upload-sarif@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6 with: sarif_file: cx_result.sarif diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index e50b3004b2..100e32ced0 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -34,7 +34,7 @@ jobs: ref: ${{ github.event.pull_request.head.sha }} - name: Validate Gradle wrapper - uses: gradle/actions/wrapper-validation@af1da67850ed9a4cedd57bfd976089dd991e2582 # v4.0.0 + uses: gradle/actions/wrapper-validation@16bf8bc8fe830fa669c3c9f914d3eb147c629707 # v4.0.1 - name: Cache Gradle files uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2