Skip to content

Update GitHub Action Versions #417

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Jamie-BitFlight merged 1 commit into from
Nov 21, 2025
+11 −11
Merged

Update GitHub Action Versions #417

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/workflows/deploy.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,16 +49,16 @@
GH_TOKEN: ${{ secrets.RELEASE_TOKEN }}
SKIP_PREFLIGHT_CHECK: true
steps:
- uses: actions/checkout@v4.2.2
- uses: actions/checkout@v5.0.0
with:
ref: ${{ inputs.sha }}
token: ${{ secrets.RELEASE_TOKEN }}

- name: Install compatible Nodejs version
id: setup-node
uses: ./.github/actions/setup-node

- name: Configure PATH

Check failure

Code scanning / CodeQL

Checkout of untrusted code in a privileged context Critical

Potential execution of untrusted code on a privileged workflow (
pull_request_target
Loading
)
run: |
mkdir -p "$HOME/.local/bin"
echo "$HOME/.local/bin" >> "${GITHUB_PATH}"
Expand All @@ -71,26 +71,26 @@
git fetch --tags
git status --porcelain -u

- name: Install Deps
id: deps
run: |
npm ci

- name: Ensure dependencies are compatible with the version of node

Check failure

Code scanning / CodeQL

Checkout of untrusted code in a privileged context Critical

Potential execution of untrusted code on a privileged workflow (
pull_request_target
Loading
)
run: npx --yes ls-engines

- name: Verify the integrity of provenance attestations and registry signatures for installed dependencies
run: npm audit signatures

- run: npm run build --if-present

Check failure

Code scanning / CodeQL

Checkout of untrusted code in a privileged context Critical

Potential execution of untrusted code on a privileged workflow (
pull_request_target
Loading
)

- run: |

Check failure

Code scanning / CodeQL

Checkout of untrusted code in a privileged context Critical

Potential execution of untrusted code on a privileged workflow (
pull_request_target
Loading
)
git add -f dist
npm run generate-docs
git commit -n -m 'build(release): bundle distribution files'

- name: Setup Node 24 for semantic-release

Check failure

Code scanning / CodeQL

Checkout of untrusted code in a privileged context Critical

Potential execution of untrusted code on a privileged workflow (
pull_request_target
Loading
)
uses: actions/setup-node@v4
uses: actions/setup-node@v6.0.0
with:
node-version: '24.x'

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/github_actions_version_updater.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ jobs:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v4.2.2
- uses: actions/checkout@v5.0.0
with:
# [Required] Access token with `workflow` scope.
token: ${{ secrets.RELEASE_TOKEN }}
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/integration-test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,12 +41,12 @@ jobs:

steps:
- name: Checkout this action (PR code)
uses: actions/checkout@v4
uses: actions/checkout@v5.0.0
with:
path: action-under-test

- name: Setup Node.js for building action
uses: actions/setup-node@v4
uses: actions/setup-node@v6.0.0
with:
node-version: '20.x'
cache: 'npm'
Expand All @@ -59,7 +59,7 @@ jobs:
npm run build
- name: Checkout target repository (${{ matrix.repo }})
uses: actions/checkout@v4
uses: actions/checkout@v5.0.0
with:
repository: ${{ matrix.repo }}
path: test-repo
Expand Down Expand Up @@ -171,7 +171,7 @@ jobs:
- name: Upload generated README as artifact
if: always()
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@v5.0.0
with:
name: readme-${{ matrix.artifact_name }}-${{ github.run_number }}
path: test-repo/${{ matrix.readme_path }}
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/push_code_linting.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ jobs:
NPM_TOKEN: ${{ secrets.NPM_AUTH_TOKEN }}
GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
steps:
- uses: actions/checkout@v4.2.2
- uses: actions/checkout@v5.0.0

- name: Install compatible Nodejs version
id: setup-node
Expand All @@ -44,7 +44,7 @@ jobs:
- run: npm run lint:markdown
continue-on-error: true
- name: eslint
uses: reviewdog/action-eslint@v1.33.2
uses: reviewdog/action-eslint@v1.34.0
with:
reporter: github-pr-review # Change reporter.
eslint_flags: src/
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/stale.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ jobs:
stale:
runs-on: ubuntu-latest
steps:
- uses: actions/stale@v9
- uses: actions/stale@v10.1.0
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
stale-issue-message: "This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions."
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,35 +35,35 @@
env:
SKIP_PREFLIGHT_CHECK: true
steps:
- uses: actions/checkout@v4.2.2
- uses: actions/checkout@v5.0.0
with:
ref: ${{ github.head_ref || github.ref }}

- name: Install compatible Nodejs version
id: setup-node
uses: ./.github/actions/setup-node
with:
version: ${{ matrix.node-version }}

- name: Configure PATH

Check failure

Code scanning / CodeQL

Checkout of untrusted code in a privileged context Critical test

Potential execution of untrusted code on a privileged workflow (
pull_request_target
Loading
)
run: |
mkdir -p "$HOME/.local/bin"
echo "$HOME/.local/bin" >> "${GITHUB_PATH}"
echo "HOME=$HOME" >> "${GITHUB_ENV}"

- run: npm install
- run: npm run test

Check failure

Code scanning / CodeQL

Checkout of untrusted code in a privileged context Critical test

Potential execution of untrusted code on a privileged workflow (
pull_request_target
Loading
)
- run: npm run coverage

Check failure

Code scanning / CodeQL

Checkout of untrusted code in a privileged context Critical test

Potential execution of untrusted code on a privileged workflow (
pull_request_target
Loading
)
- name: "Report Coverage"

Check failure

Code scanning / CodeQL

Checkout of untrusted code in a privileged context Critical test

Potential execution of untrusted code on a privileged workflow (
pull_request_target
Loading
)
if: always()
continue-on-error: true
uses: davelosert/vitest-coverage-report-action@v2.8.3
with:
json-summary-path: "./out/coverage-summary.json"
json-final-path: ./out/coverage-final.json
- run: npm run build
- run: npm run generate-docs

Check failure

Code scanning / CodeQL

Checkout of untrusted code in a privileged context Critical test

Potential execution of untrusted code on a privileged workflow (
pull_request_target
Loading
)
call-workflow-passing-data:

Check failure

Code scanning / CodeQL

Checkout of untrusted code in a privileged context Critical test

Potential execution of untrusted code on a privileged workflow (
pull_request_target
Loading
)
needs: run-tests
if: ${{ github.event_name == 'push' }}
permissions:
Expand Down
Loading