diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index dec424aad5..d3e5730073 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -62,7 +62,7 @@ jobs: ${{ runner.os }}-build- - name: Configure JDK - uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4.2.1 + uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2 with: distribution: "temurin" java-version: ${{ env.JAVA_VERSION }} @@ -172,7 +172,7 @@ jobs: ${{ runner.os }}-build- - name: Configure JDK - uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4.2.1 + uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2 with: distribution: "temurin" java-version: ${{ env.JAVA_VERSION }} @@ -237,7 +237,7 @@ jobs: - name: Upload release Play Store .aab artifact if: ${{ (matrix.variant == 'prod') && (matrix.artifact == 'aab') }} - uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: com.x8bit.bitwarden.aab path: app/build/outputs/bundle/standardRelease/com.x8bit.bitwarden-standard-release.aab @@ -245,7 +245,7 @@ jobs: - name: Upload beta Play Store .aab artifact if: ${{ (matrix.variant == 'prod') && (matrix.artifact == 'aab') }} - uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: com.x8bit.bitwarden.beta.aab path: app/build/outputs/bundle/standardBeta/com.x8bit.bitwarden-standard-beta.aab @@ -253,7 +253,7 @@ jobs: - name: Upload release .apk artifact if: ${{ (matrix.variant == 'prod') && (matrix.artifact == 'apk') }} - uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: com.x8bit.bitwarden.apk path: app/build/outputs/apk/standard/release/com.x8bit.bitwarden-standard-release.apk @@ -261,7 +261,7 @@ jobs: - name: Upload beta .apk artifact if: ${{ (matrix.variant == 'prod') && (matrix.artifact == 'apk') }} - uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: com.x8bit.bitwarden.beta.apk path: app/build/outputs/apk/standard/beta/com.x8bit.bitwarden-standard-beta.apk @@ -270,7 +270,7 @@ jobs: # When building variants other than 'prod' - name: Upload other .apk artifact if: ${{ (matrix.variant != 'prod') && (matrix.artifact == 'apk') }} - uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: com.x8bit.bitwarden-${{ matrix.variant }}.apk path: app/build/outputs/apk/standard/debug/com.x8bit.bitwarden-standard-debug.apk @@ -308,7 +308,7 @@ jobs: - name: Upload .apk SHA file for release if: ${{ (matrix.variant == 'prod') && (matrix.artifact == 'apk') }} - uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: bw-android-apk-sha256.txt path: ./bw-android-apk-sha256.txt @@ -316,7 +316,7 @@ jobs: - name: Upload .apk SHA file for beta if: ${{ (matrix.variant == 'prod') && (matrix.artifact == 'apk') }} - uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: bw-android-beta-apk-sha256.txt path: ./bw-android-beta-apk-sha256.txt @@ -324,7 +324,7 @@ jobs: - name: Upload .aab SHA file for release if: ${{ (matrix.variant == 'prod') && (matrix.artifact == 'aab') }} - uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: bw-android-aab-sha256.txt path: ./bw-android-aab-sha256.txt @@ -332,7 +332,7 @@ jobs: - name: Upload .aab SHA file for beta if: ${{ (matrix.variant == 'prod') && (matrix.artifact == 'aab') }} - uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: bw-android-beta-aab-sha256.txt path: ./bw-android-beta-aab-sha256.txt @@ -340,7 +340,7 @@ jobs: - name: Upload .apk SHA file for other if: ${{ (matrix.variant != 'prod') && (matrix.artifact == 'apk') }} - uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: bw-android-${{ matrix.variant }}-apk-sha256.txt path: ./bw-android-${{ matrix.variant }}-apk-sha256.txt @@ -446,7 +446,7 @@ jobs: ${{ runner.os }}-build- - name: Configure JDK - uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4.2.1 + uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2 with: distribution: "temurin" java-version: ${{ env.JAVA_VERSION }} @@ -482,7 +482,7 @@ jobs: keyPassword:"${{ env.FDROID_BETA_KEY_PASSWORD }}" - name: Upload F-Droid .apk artifact - uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: com.x8bit.bitwarden-fdroid.apk path: app/build/outputs/apk/fdroid/release/com.x8bit.bitwarden-fdroid-release.apk @@ -494,14 +494,14 @@ jobs: > ./bw-fdroid-apk-sha256.txt - name: Upload F-Droid SHA file - uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: bw-fdroid-apk-sha256.txt path: ./bw-fdroid-apk-sha256.txt if-no-files-found: error - name: Upload F-Droid Beta .apk artifact - uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: com.x8bit.bitwarden-fdroid-beta.apk path: app/build/outputs/apk/fdroid/beta/com.x8bit.bitwarden-fdroid-beta.apk @@ -513,7 +513,7 @@ jobs: > ./bw-fdroid-beta-apk-sha256.txt - name: Upload F-Droid Beta SHA file - uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: bw-fdroid-beta-apk-sha256.txt path: ./bw-fdroid-beta-apk-sha256.txt diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml index e53e08a058..6773f0cb14 100644 --- a/.github/workflows/scan.yml +++ b/.github/workflows/scan.yml @@ -31,7 +31,7 @@ jobs: ref: ${{ github.event.pull_request.head.sha }} - name: Scan with Checkmarx - uses: checkmarx/ast-github-action@6c56658230f79c227a55120e9b24845d574d5225 # 2.0.31 + uses: checkmarx/ast-github-action@1fe318de2993222574e6249750ba9000a4e2a6cd # 2.0.33 env: INCREMENTAL: "${{ contains(github.event_name, 'pull_request') && '--sast-incremental' || '' }}" with: @@ -46,7 +46,7 @@ jobs: --output-path . ${{ env.INCREMENTAL }} - name: Upload Checkmarx results to GitHub - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@429e1977040da7a23b6822b13c129cd1ba93dbb2 # v3.26.2 with: sarif_file: cx_result.sarif diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 3cae2d6672..e103a6e174 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -63,7 +63,7 @@ jobs: bundler-cache: true - name: Configure JDK - uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4.2.1 + uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2 with: distribution: "temurin" java-version: ${{ env.JAVA_VERSION }}