diff --git a/.github/workflows/build-and-deploy.yml b/.github/workflows/build-and-deploy.yml index 550d84cc3525..b576c9818fe2 100644 --- a/.github/workflows/build-and-deploy.yml +++ b/.github/workflows/build-and-deploy.yml @@ -101,7 +101,7 @@ jobs: 54.185.253.63:443 - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: Setup Node uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d @@ -134,7 +134,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: Setup Node uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 2cc0ce4bef26..c475ec9a8b64 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -41,7 +41,7 @@ jobs: timeout-minutes: 30 steps: - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: Initialize CodeQL uses: github/codeql-action/init@cdcdbb579706841c47f7063dda365e292e5cad7a diff --git a/.github/workflows/deploy-storybook.yml b/.github/workflows/deploy-storybook.yml index af9ac358f157..749d94502733 100644 --- a/.github/workflows/deploy-storybook.yml +++ b/.github/workflows/deploy-storybook.yml @@ -33,7 +33,7 @@ jobs: timeout-minutes: 10 steps: - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: Setup Node uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d @@ -50,7 +50,7 @@ jobs: run: npm run storybook:build - name: Checkout gh-pages - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 with: ref: gh-pages token: ${{ secrets.GOOGLEFORCREATORS_BOT_TOKEN }} diff --git a/.github/workflows/lint-css-js-md.yml b/.github/workflows/lint-css-js-md.yml index 8bccf8869da4..c722bf215df7 100644 --- a/.github/workflows/lint-css-js-md.yml +++ b/.github/workflows/lint-css-js-md.yml @@ -74,7 +74,7 @@ jobs: 54.185.253.63:443 - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: Setup Node uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d diff --git a/.github/workflows/lint-i18n.yml b/.github/workflows/lint-i18n.yml index ee890ec8dd26..b8c3b66217a2 100644 --- a/.github/workflows/lint-i18n.yml +++ b/.github/workflows/lint-i18n.yml @@ -47,7 +47,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: Install WP-CLI run: | diff --git a/.github/workflows/lint-php.yml b/.github/workflows/lint-php.yml index eedb1dac5412..7f5a48ff0f9a 100644 --- a/.github/workflows/lint-php.yml +++ b/.github/workflows/lint-php.yml @@ -55,7 +55,7 @@ jobs: dl.cloudsmith.io:443 - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: Setup PHP uses: shivammathur/setup-php@72ae4ccbe57f82bbe08411e84e2130bd4ba1c10f diff --git a/.github/workflows/npm-release.yml b/.github/workflows/npm-release.yml index c4f63a86dacc..bf97be280446 100644 --- a/.github/workflows/npm-release.yml +++ b/.github/workflows/npm-release.yml @@ -34,7 +34,7 @@ jobs: environment: Production steps: - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: Setup Node uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d @@ -107,7 +107,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 with: token: ${{ secrets.GOOGLEFORCREATORS_BOT_TOKEN }} diff --git a/.github/workflows/plugin-release.yml b/.github/workflows/plugin-release.yml index 2a6e2750d4d1..2ed1db5fd65b 100644 --- a/.github/workflows/plugin-release.yml +++ b/.github/workflows/plugin-release.yml @@ -46,7 +46,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: Verify semver compatibility run: | @@ -127,7 +127,7 @@ jobs: # Grab current assets version from `web-stories.php` and pass on to next steps. # - name: Checkout - # uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + # uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # with: # ref: @@ -143,7 +143,7 @@ jobs: # ASSETS_VERSION_REGEX: "https://wp.stories.google/static/([^']+)" - name: Checkout wp.stories.google - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 with: repository: GoogleForCreators/wp.stories.google lfs: true @@ -250,7 +250,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 with: fetch-depth: 0 # 0 indicates all history for all branches and tags. token: ${{ secrets.GOOGLEFORCREATORS_BOT_TOKEN }} @@ -413,7 +413,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: Download release artifacts uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a @@ -449,7 +449,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 with: ref: main token: ${{ secrets.GOOGLEFORCREATORS_BOT_TOKEN }} diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index ad2a537d051d..5e1c2f0c4901 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -30,7 +30,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: 'Checkout code' - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 with: persist-credentials: false diff --git a/.github/workflows/tests-e2e.yml b/.github/workflows/tests-e2e.yml index 97c411fda530..760d535e3050 100644 --- a/.github/workflows/tests-e2e.yml +++ b/.github/workflows/tests-e2e.yml @@ -75,7 +75,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: Setup Node uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d @@ -165,7 +165,7 @@ jobs: 34.104.35.123:443 - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: Download bundle uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a diff --git a/.github/workflows/tests-karma-dashboard.yml b/.github/workflows/tests-karma-dashboard.yml index 4966157039a7..87be8e33db51 100644 --- a/.github/workflows/tests-karma-dashboard.yml +++ b/.github/workflows/tests-karma-dashboard.yml @@ -65,7 +65,7 @@ jobs: 34.104.35.123:443 - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: Setup Node uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d diff --git a/.github/workflows/tests-karma-editor.yml b/.github/workflows/tests-karma-editor.yml index 5eb05610abf6..ab6d6581b190 100644 --- a/.github/workflows/tests-karma-editor.yml +++ b/.github/workflows/tests-karma-editor.yml @@ -103,7 +103,7 @@ jobs: 34.104.35.123:443 - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: Setup Node uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d diff --git a/.github/workflows/tests-unit-js.yml b/.github/workflows/tests-unit-js.yml index 750ad01f1916..d041562b99ee 100644 --- a/.github/workflows/tests-unit-js.yml +++ b/.github/workflows/tests-unit-js.yml @@ -67,7 +67,7 @@ jobs: fonts.gstatic.com:443 - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: Setup Node uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d diff --git a/.github/workflows/tests-unit-php.yml b/.github/workflows/tests-unit-php.yml index 53d6d0671bfd..40c6c933171d 100644 --- a/.github/workflows/tests-unit-php.yml +++ b/.github/workflows/tests-unit-php.yml @@ -100,7 +100,7 @@ jobs: dl.cloudsmith.io:443 - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # PHP-Scoper only works on PHP 7.4+ and we need to prefix our dependencies to accurately test them. # So we temporarily switch PHP versions, do a full install and then remove the package. diff --git a/.github/workflows/update-browserslist.yml b/.github/workflows/update-browserslist.yml index 1ffe9d821553..6ce784990b3d 100644 --- a/.github/workflows/update-browserslist.yml +++ b/.github/workflows/update-browserslist.yml @@ -27,7 +27,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 with: token: ${{ secrets.GOOGLEFORCREATORS_BOT_TOKEN }} diff --git a/.github/workflows/update-google-fonts.yml b/.github/workflows/update-google-fonts.yml index a06919feda0a..3f849b245e91 100644 --- a/.github/workflows/update-google-fonts.yml +++ b/.github/workflows/update-google-fonts.yml @@ -27,7 +27,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 with: token: ${{ secrets.GOOGLEFORCREATORS_BOT_TOKEN }} diff --git a/.github/workflows/update-product-schema.yml b/.github/workflows/update-product-schema.yml index d839e9683001..436969259523 100644 --- a/.github/workflows/update-product-schema.yml +++ b/.github/workflows/update-product-schema.yml @@ -27,7 +27,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 with: token: ${{ secrets.GOOGLEFORCREATORS_BOT_TOKEN }} diff --git a/.github/workflows/update-templates.yml b/.github/workflows/update-templates.yml index 315e72c744e1..199dea8e124e 100644 --- a/.github/workflows/update-templates.yml +++ b/.github/workflows/update-templates.yml @@ -27,7 +27,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 with: token: ${{ secrets.GOOGLEFORCREATORS_BOT_TOKEN }}