diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index ccc79887..ec67b3ac 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -13,7 +13,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v6.0.0 + uses: actions/checkout@v6.0.1 with: # We must fetch at least the immediate parents so that if this is # a pull request then we can checkout the head. diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 4d4a0592..eff749ff 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -24,10 +24,10 @@ jobs: steps: - name: Make checkout - uses: actions/checkout@v6.0.0 + uses: actions/checkout@v6.0.1 - name: Use Node.js 24.9.0 - uses: actions/setup-node@v6.0.0 + uses: actions/setup-node@v6.1.0 with: node-version: 25.2.1 @@ -43,10 +43,10 @@ jobs: steps: - name: Make checkout - uses: actions/checkout@v6.0.0 + uses: actions/checkout@v6.0.1 - name: Use Node.js 24.9.0 - uses: actions/setup-node@v6.0.0 + uses: actions/setup-node@v6.1.0 with: node-version: 25.2.1 @@ -62,7 +62,7 @@ jobs: steps: - name: Make checkout - uses: actions/checkout@v6.0.0 + uses: actions/checkout@v6.0.1 - name: Lint `./README.md` uses: avto-dev/markdown-lint@v1.5.0 @@ -82,10 +82,10 @@ jobs: steps: - name: Make checkout - uses: actions/checkout@v6.0.0 + uses: actions/checkout@v6.0.1 - name: Use Node.js 24.9.0 - uses: actions/setup-node@v6.0.0 + uses: actions/setup-node@v6.1.0 with: node-version: 25.2.1 @@ -101,10 +101,10 @@ jobs: steps: - name: Make checkout - uses: actions/checkout@v6.0.0 + uses: actions/checkout@v6.0.1 - name: Use Node.js 24.9.0 - uses: actions/setup-node@v4.1.0 + uses: actions/setup-node@v6.1.0 with: node-version: 25.2.1 @@ -126,7 +126,7 @@ jobs: steps: - name: Make checkout - uses: actions/checkout@v6.0.0 + uses: actions/checkout@v6.0.1 - name: Set tag var id: vars @@ -136,7 +136,7 @@ jobs: run: docker build . --file Dockerfile --build-arg TARGET=production --tag angular-ngrx-frontend:${{ steps.vars.outputs.DOCKER_TAG }} - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.29.0 + uses: aquasecurity/trivy-action@0.33.1 with: image-ref: 'angular-ngrx-frontend:${{ steps.vars.outputs.DOCKER_TAG }}' format: 'table' diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index dfa2d814..2ceac0d7 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -34,7 +34,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@v6.0.0 + uses: actions/checkout@v6.0.1 with: persist-credentials: false @@ -61,7 +61,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@v5.0.0 + uses: actions/upload-artifact@v6.0.0 with: name: SARIF file path: results.sarif diff --git a/.github/workflows/vulnerability-scan.yml b/.github/workflows/vulnerability-scan.yml index 3e0f7aef..41122f24 100644 --- a/.github/workflows/vulnerability-scan.yml +++ b/.github/workflows/vulnerability-scan.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.0 + - uses: actions/checkout@v6.0.1 - name: Build the Docker image run: docker build . --file Dockerfile --tag angular-ngrx-frontend:master