diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a1ab6cb..c9c439c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -31,7 +31,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Install actionlint v1.7.7 run: | @@ -69,11 +69,11 @@ jobs: contents: read checks: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 1 - - uses: actions/setup-dotnet@v4 + - uses: actions/setup-dotnet@v5 with: global-json-file: global.json @@ -81,7 +81,7 @@ jobs: run: dotnet --version - name: Cache NuGet packages - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.nuget/packages key: ${{ runner.os }}-nuget-${{ hashFiles('**/*.csproj', '**/*.props', 'global.json', 'nuget.config') }} @@ -110,7 +110,7 @@ jobs: - name: Upload test results and coverage if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: dotnet-test-results path: TestResults/ @@ -137,11 +137,11 @@ jobs: run: working-directory: frontend steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 1 - - uses: actions/setup-node@v4 + - uses: actions/setup-node@v6 with: node-version-file: frontend/.nvmrc cache: npm @@ -154,7 +154,7 @@ jobs: run: npm ci - name: ESLint cache - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: frontend/.eslintcache key: ${{ runner.os }}-eslint-${{ hashFiles('frontend/eslint.config.mjs', 'frontend/package-lock.json', 'frontend/tsconfig.json', 'frontend/tsconfig.app.json', 'frontend/tsconfig.node.json') }} @@ -177,11 +177,11 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 1 - - uses: actions/setup-node@v4 + - uses: actions/setup-node@v6 with: node-version-file: frontend/.nvmrc @@ -191,7 +191,7 @@ jobs: - name: Проверка ссылок в Markdown (lychee) env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - uses: lycheeverse/lychee-action@v2.4.0 + uses: lycheeverse/lychee-action@v2.8.0 with: args: --verbose --no-progress --exclude-mail --max-concurrency 6 --accept 200,206,429 --exclude '^https?://(127\.0\.0\.1|localhost)' README.md CONTRIBUTING.md SECURITY.md docs @@ -209,11 +209,11 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 1 - - uses: docker/setup-buildx-action@v3 + - uses: docker/setup-buildx-action@v4 - name: Validate Compose files run: | @@ -244,7 +244,7 @@ jobs: run: docker compose -f docker-compose.smoke.yml down -v --remove-orphans || true - name: Trivy — order-tracking-api:local - uses: aquasecurity/trivy-action@0.28.0 + uses: aquasecurity/trivy-action@v0.36.0 with: image-ref: order-tracking-api:local scan-type: image @@ -253,7 +253,7 @@ jobs: format: table - name: Trivy — order-tracking-worker:local - uses: aquasecurity/trivy-action@0.28.0 + uses: aquasecurity/trivy-action@v0.36.0 with: image-ref: order-tracking-worker:local scan-type: image @@ -262,7 +262,7 @@ jobs: format: table - name: Trivy — order-tracking-frontend:local - uses: aquasecurity/trivy-action@0.28.0 + uses: aquasecurity/trivy-action@v0.36.0 with: image-ref: order-tracking-frontend:local scan-type: image @@ -271,7 +271,7 @@ jobs: format: table - name: Trivy — gate CRITICAL (образ api; job падает при CRITICAL CVE) - uses: aquasecurity/trivy-action@0.28.0 + uses: aquasecurity/trivy-action@v0.36.0 with: image-ref: order-tracking-api:local scan-type: image @@ -297,7 +297,7 @@ jobs: contents: read pull-requests: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index a52444c..21ca138 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -28,14 +28,14 @@ jobs: security-events: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - - uses: github/codeql-action/init@v3 + - uses: github/codeql-action/init@v4 with: languages: csharp queries: security-and-quality - - uses: actions/setup-dotnet@v4 + - uses: actions/setup-dotnet@v5 with: global-json-file: global.json @@ -46,7 +46,7 @@ jobs: dotnet restore OrderTracking.sln dotnet build OrderTracking.sln -c Release --no-restore /p:SkipNSwag=true - - uses: github/codeql-action/analyze@v3 + - uses: github/codeql-action/analyze@v4 - name: Job summary if: always()