diff --git a/.github/workflows/build-and-deploy.yml b/.github/workflows/build-and-deploy.yml index b32c2e01f43e..fbf8877b4d2f 100644 --- a/.github/workflows/build-and-deploy.yml +++ b/.github/workflows/build-and-deploy.yml @@ -101,7 +101,7 @@ jobs: 54.185.253.63:443 - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Setup Node uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d @@ -134,7 +134,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Setup Node uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index c475ec9a8b64..20479bb39e3c 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -41,7 +41,7 @@ jobs: timeout-minutes: 30 steps: - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Initialize CodeQL uses: github/codeql-action/init@cdcdbb579706841c47f7063dda365e292e5cad7a diff --git a/.github/workflows/deploy-storybook.yml b/.github/workflows/deploy-storybook.yml index 749d94502733..8f29be90b9f7 100644 --- a/.github/workflows/deploy-storybook.yml +++ b/.github/workflows/deploy-storybook.yml @@ -33,7 +33,7 @@ jobs: timeout-minutes: 10 steps: - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Setup Node uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d @@ -50,7 +50,7 @@ jobs: run: npm run storybook:build - name: Checkout gh-pages - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 with: ref: gh-pages token: ${{ secrets.GOOGLEFORCREATORS_BOT_TOKEN }} diff --git a/.github/workflows/lint-css-js-md.yml b/.github/workflows/lint-css-js-md.yml index a7d0f004affc..b04cf24c0175 100644 --- a/.github/workflows/lint-css-js-md.yml +++ b/.github/workflows/lint-css-js-md.yml @@ -74,7 +74,7 @@ jobs: 54.185.253.63:443 - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Setup Node uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d diff --git a/.github/workflows/lint-i18n.yml b/.github/workflows/lint-i18n.yml index ba1feddbe953..9599b21be77e 100644 --- a/.github/workflows/lint-i18n.yml +++ b/.github/workflows/lint-i18n.yml @@ -47,7 +47,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Install WP-CLI run: | diff --git a/.github/workflows/lint-php.yml b/.github/workflows/lint-php.yml index 53ff3b510abd..82006eeede27 100644 --- a/.github/workflows/lint-php.yml +++ b/.github/workflows/lint-php.yml @@ -55,7 +55,7 @@ jobs: dl.cloudsmith.io:443 - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Setup PHP uses: shivammathur/setup-php@7fdd3ece872ec7ec4c098ae5ab7637d5e0a96067 diff --git a/.github/workflows/npm-release.yml b/.github/workflows/npm-release.yml index f30ee4a85dc8..ab4e644b2532 100644 --- a/.github/workflows/npm-release.yml +++ b/.github/workflows/npm-release.yml @@ -34,7 +34,7 @@ jobs: environment: Production steps: - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Setup Node uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d @@ -107,7 +107,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 with: token: ${{ secrets.GOOGLEFORCREATORS_BOT_TOKEN }} diff --git a/.github/workflows/plugin-release.yml b/.github/workflows/plugin-release.yml index b625977b3e09..be471daf13aa 100644 --- a/.github/workflows/plugin-release.yml +++ b/.github/workflows/plugin-release.yml @@ -46,7 +46,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Verify semver compatibility run: | @@ -127,7 +127,7 @@ jobs: # Grab current assets version from `web-stories.php` and pass on to next steps. # - name: Checkout - # uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # with: # ref: @@ -143,7 +143,7 @@ jobs: # ASSETS_VERSION_REGEX: "https://wp.stories.google/static/([^']+)" - name: Checkout wp.stories.google - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 with: repository: GoogleForCreators/wp.stories.google lfs: true @@ -250,7 +250,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 with: fetch-depth: 0 # 0 indicates all history for all branches and tags. token: ${{ secrets.GOOGLEFORCREATORS_BOT_TOKEN }} @@ -413,7 +413,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Download release artifacts uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a @@ -449,7 +449,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 with: ref: main token: ${{ secrets.GOOGLEFORCREATORS_BOT_TOKEN }} diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index a0ce2fe6a7b7..63898c11d0f7 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -30,7 +30,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: 'Checkout code' - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 with: persist-credentials: false diff --git a/.github/workflows/tests-e2e.yml b/.github/workflows/tests-e2e.yml index 2daa17dded20..9b6dc7b74a25 100644 --- a/.github/workflows/tests-e2e.yml +++ b/.github/workflows/tests-e2e.yml @@ -75,7 +75,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Setup Node uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d @@ -175,7 +175,7 @@ jobs: 34.104.35.123:443 - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Download bundle uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a diff --git a/.github/workflows/tests-karma-dashboard.yml b/.github/workflows/tests-karma-dashboard.yml index edcafa52058d..f58b615149af 100644 --- a/.github/workflows/tests-karma-dashboard.yml +++ b/.github/workflows/tests-karma-dashboard.yml @@ -65,7 +65,7 @@ jobs: 34.104.35.123:443 - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Setup Node uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d diff --git a/.github/workflows/tests-karma-editor.yml b/.github/workflows/tests-karma-editor.yml index fbda947a5d57..3df59aa9e75f 100644 --- a/.github/workflows/tests-karma-editor.yml +++ b/.github/workflows/tests-karma-editor.yml @@ -103,7 +103,7 @@ jobs: 34.104.35.123:443 - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Setup Node uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d diff --git a/.github/workflows/tests-unit-js.yml b/.github/workflows/tests-unit-js.yml index 7252b1ee2a64..555eb8a7a5ff 100644 --- a/.github/workflows/tests-unit-js.yml +++ b/.github/workflows/tests-unit-js.yml @@ -67,7 +67,7 @@ jobs: fonts.gstatic.com:443 - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Setup Node uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d diff --git a/.github/workflows/tests-unit-php.yml b/.github/workflows/tests-unit-php.yml index cc2f3a82d0f2..16d195847206 100644 --- a/.github/workflows/tests-unit-php.yml +++ b/.github/workflows/tests-unit-php.yml @@ -100,7 +100,7 @@ jobs: dl.cloudsmith.io:443 - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # PHP-Scoper only works on PHP 7.4+ and we need to prefix our dependencies to accurately test them. # So we temporarily switch PHP versions, do a full install and then remove the package. diff --git a/.github/workflows/update-browserslist.yml b/.github/workflows/update-browserslist.yml index 7b3c28a33cea..810ba511ae7f 100644 --- a/.github/workflows/update-browserslist.yml +++ b/.github/workflows/update-browserslist.yml @@ -27,7 +27,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 with: token: ${{ secrets.GOOGLEFORCREATORS_BOT_TOKEN }} diff --git a/.github/workflows/update-google-fonts.yml b/.github/workflows/update-google-fonts.yml index 1948c2744f9a..8f6f2d461d68 100644 --- a/.github/workflows/update-google-fonts.yml +++ b/.github/workflows/update-google-fonts.yml @@ -27,7 +27,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 with: token: ${{ secrets.GOOGLEFORCREATORS_BOT_TOKEN }} diff --git a/.github/workflows/update-product-schema.yml b/.github/workflows/update-product-schema.yml index a8ab8567bfed..462818875b9d 100644 --- a/.github/workflows/update-product-schema.yml +++ b/.github/workflows/update-product-schema.yml @@ -27,7 +27,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 with: token: ${{ secrets.GOOGLEFORCREATORS_BOT_TOKEN }} diff --git a/.github/workflows/update-templates.yml b/.github/workflows/update-templates.yml index 7f45402fd365..213ec0f793d7 100644 --- a/.github/workflows/update-templates.yml +++ b/.github/workflows/update-templates.yml @@ -27,7 +27,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 with: token: ${{ secrets.GOOGLEFORCREATORS_BOT_TOKEN }}