diff --git a/.github/workflows/container-prune.yml b/.github/workflows/container-prune.yml index d5443b6e..7008e327 100644 --- a/.github/workflows/container-prune.yml +++ b/.github/workflows/container-prune.yml @@ -88,7 +88,7 @@ jobs: - name: Upload GHCR prune artifacts if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7 with: name: prune-ghcr-log-${{ github.run_id }} path: | @@ -159,7 +159,7 @@ jobs: - name: Upload Docker Hub prune artifacts if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7 with: name: prune-dockerhub-log-${{ github.run_id }} path: | diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index f2eeb650..a6a3f90d 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -343,7 +343,7 @@ jobs: - name: Upload Image Artifact if: success() && steps.skip.outputs.skip_build != 'true' && env.TRIGGER_EVENT == 'pull_request' - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: ${{ env.TRIGGER_EVENT == 'pull_request' && format('pr-image-{0}', env.TRIGGER_PR_NUMBER) || 'push-image' }} path: /tmp/charon-pr-image.tar diff --git a/.github/workflows/e2e-tests-split.yml b/.github/workflows/e2e-tests-split.yml index ecf9ad2b..0cbd4f82 100644 --- a/.github/workflows/e2e-tests-split.yml +++ b/.github/workflows/e2e-tests-split.yml @@ -190,7 +190,7 @@ jobs: - name: Upload Docker image artifact if: steps.resolve-image.outputs.image_source == 'build' - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: docker-image path: charon-e2e-image.tar @@ -346,7 +346,7 @@ jobs: - name: Upload HTML report (Chromium Security) if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: playwright-report-chromium-security path: playwright-report/ @@ -354,7 +354,7 @@ jobs: - name: Upload Chromium Security coverage (if enabled) if: always() && (inputs.playwright_coverage == 'true' || vars.PLAYWRIGHT_COVERAGE == '1') - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: e2e-coverage-chromium-security path: coverage/e2e/ @@ -362,7 +362,7 @@ jobs: - name: Upload test traces on failure if: failure() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: traces-chromium-security path: test-results/**/*.zip @@ -381,7 +381,7 @@ jobs: - name: Upload diagnostics if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: e2e-diagnostics-chromium-security path: diagnostics/ @@ -394,7 +394,7 @@ jobs: - name: Upload Docker logs on failure if: failure() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: docker-logs-chromium-security path: docker-logs-chromium-security.txt @@ -555,7 +555,7 @@ jobs: - name: Upload HTML report (Firefox Security) if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: playwright-report-firefox-security path: playwright-report/ @@ -563,7 +563,7 @@ jobs: - name: Upload Firefox Security coverage (if enabled) if: always() && (inputs.playwright_coverage == 'true' || vars.PLAYWRIGHT_COVERAGE == '1') - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: e2e-coverage-firefox-security path: coverage/e2e/ @@ -571,7 +571,7 @@ jobs: - name: Upload test traces on failure if: failure() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: traces-firefox-security path: test-results/**/*.zip @@ -590,7 +590,7 @@ jobs: - name: Upload diagnostics if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: e2e-diagnostics-firefox-security path: diagnostics/ @@ -603,7 +603,7 @@ jobs: - name: Upload Docker logs on failure if: failure() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: docker-logs-firefox-security path: docker-logs-firefox-security.txt @@ -764,7 +764,7 @@ jobs: - name: Upload HTML report (WebKit Security) if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: playwright-report-webkit-security path: playwright-report/ @@ -772,7 +772,7 @@ jobs: - name: Upload WebKit Security coverage (if enabled) if: always() && (inputs.playwright_coverage == 'true' || vars.PLAYWRIGHT_COVERAGE == '1') - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: e2e-coverage-webkit-security path: coverage/e2e/ @@ -780,7 +780,7 @@ jobs: - name: Upload test traces on failure if: failure() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: traces-webkit-security path: test-results/**/*.zip @@ -799,7 +799,7 @@ jobs: - name: Upload diagnostics if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: e2e-diagnostics-webkit-security path: diagnostics/ @@ -812,7 +812,7 @@ jobs: - name: Upload Docker logs on failure if: failure() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: docker-logs-webkit-security path: docker-logs-webkit-security.txt @@ -967,7 +967,7 @@ jobs: - name: Upload HTML report (Chromium shard ${{ matrix.shard }}) if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: playwright-report-chromium-shard-${{ matrix.shard }} path: playwright-report/ @@ -975,7 +975,7 @@ jobs: - name: Upload Playwright output (Chromium shard ${{ matrix.shard }}) if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: playwright-output-chromium-shard-${{ matrix.shard }} path: playwright-output/chromium-shard-${{ matrix.shard }}/ @@ -983,7 +983,7 @@ jobs: - name: Upload Chromium coverage (if enabled) if: always() && (inputs.playwright_coverage == 'true' || vars.PLAYWRIGHT_COVERAGE == '1') - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: e2e-coverage-chromium-shard-${{ matrix.shard }} path: coverage/e2e/ @@ -991,7 +991,7 @@ jobs: - name: Upload test traces on failure if: failure() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: traces-chromium-shard-${{ matrix.shard }} path: test-results/**/*.zip @@ -1010,7 +1010,7 @@ jobs: - name: Upload diagnostics if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: e2e-diagnostics-chromium-shard-${{ matrix.shard }} path: diagnostics/ @@ -1023,7 +1023,7 @@ jobs: - name: Upload Docker logs on failure if: failure() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: docker-logs-chromium-shard-${{ matrix.shard }} path: docker-logs-chromium-shard-${{ matrix.shard }}.txt @@ -1179,7 +1179,7 @@ jobs: - name: Upload HTML report (Firefox shard ${{ matrix.shard }}) if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: playwright-report-firefox-shard-${{ matrix.shard }} path: playwright-report/ @@ -1187,7 +1187,7 @@ jobs: - name: Upload Playwright output (Firefox shard ${{ matrix.shard }}) if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: playwright-output-firefox-shard-${{ matrix.shard }} path: playwright-output/firefox-shard-${{ matrix.shard }}/ @@ -1195,7 +1195,7 @@ jobs: - name: Upload Firefox coverage (if enabled) if: always() && (inputs.playwright_coverage == 'true' || vars.PLAYWRIGHT_COVERAGE == '1') - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: e2e-coverage-firefox-shard-${{ matrix.shard }} path: coverage/e2e/ @@ -1203,7 +1203,7 @@ jobs: - name: Upload test traces on failure if: failure() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: traces-firefox-shard-${{ matrix.shard }} path: test-results/**/*.zip @@ -1222,7 +1222,7 @@ jobs: - name: Upload diagnostics if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: e2e-diagnostics-firefox-shard-${{ matrix.shard }} path: diagnostics/ @@ -1235,7 +1235,7 @@ jobs: - name: Upload Docker logs on failure if: failure() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: docker-logs-firefox-shard-${{ matrix.shard }} path: docker-logs-firefox-shard-${{ matrix.shard }}.txt @@ -1391,7 +1391,7 @@ jobs: - name: Upload HTML report (WebKit shard ${{ matrix.shard }}) if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7 with: name: playwright-report-webkit-shard-${{ matrix.shard }} path: playwright-report/ @@ -1399,7 +1399,7 @@ jobs: - name: Upload Playwright output (WebKit shard ${{ matrix.shard }}) if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7 with: name: playwright-output-webkit-shard-${{ matrix.shard }} path: playwright-output/webkit-shard-${{ matrix.shard }}/ @@ -1407,7 +1407,7 @@ jobs: - name: Upload WebKit coverage (if enabled) if: always() && (inputs.playwright_coverage == 'true' || vars.PLAYWRIGHT_COVERAGE == '1') - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7 with: name: e2e-coverage-webkit-shard-${{ matrix.shard }} path: coverage/e2e/ @@ -1415,7 +1415,7 @@ jobs: - name: Upload test traces on failure if: failure() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7 with: name: traces-webkit-shard-${{ matrix.shard }} path: test-results/**/*.zip @@ -1434,7 +1434,7 @@ jobs: - name: Upload diagnostics if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7 with: name: e2e-diagnostics-webkit-shard-${{ matrix.shard }} path: diagnostics/ @@ -1447,7 +1447,7 @@ jobs: - name: Upload Docker logs on failure if: failure() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7 with: name: docker-logs-webkit-shard-${{ matrix.shard }} path: docker-logs-webkit-shard-${{ matrix.shard }}.txt diff --git a/.github/workflows/nightly-build.yml b/.github/workflows/nightly-build.yml index 4669d7ae..56243c19 100644 --- a/.github/workflows/nightly-build.yml +++ b/.github/workflows/nightly-build.yml @@ -227,7 +227,7 @@ jobs: output-file: sbom-nightly.json - name: Upload SBOM artifact - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: sbom-nightly path: sbom-nightly.json diff --git a/.github/workflows/repo-health.yml b/.github/workflows/repo-health.yml index a41db062..6c11cec3 100644 --- a/.github/workflows/repo-health.yml +++ b/.github/workflows/repo-health.yml @@ -34,7 +34,7 @@ jobs: - name: Upload health output if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7 with: name: repo-health-output path: | diff --git a/.github/workflows/security-weekly-rebuild.yml b/.github/workflows/security-weekly-rebuild.yml index 3f4a4b52..62e76a6c 100644 --- a/.github/workflows/security-weekly-rebuild.yml +++ b/.github/workflows/security-weekly-rebuild.yml @@ -119,7 +119,7 @@ jobs: severity: 'CRITICAL,HIGH,MEDIUM,LOW' - name: Upload Trivy JSON results - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7 with: name: trivy-weekly-scan-${{ github.run_number }} path: trivy-weekly-results.json diff --git a/.github/workflows/supply-chain-verify.yml b/.github/workflows/supply-chain-verify.yml index 37f81d47..fa24ee8b 100644 --- a/.github/workflows/supply-chain-verify.yml +++ b/.github/workflows/supply-chain-verify.yml @@ -144,7 +144,7 @@ jobs: - name: Upload SBOM Artifact if: steps.image-check.outputs.exists == 'true' && always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: sbom-${{ steps.tag.outputs.tag }} path: sbom-verify.cyclonedx.json @@ -324,7 +324,7 @@ jobs: - name: Upload Vulnerability Scan Artifact if: steps.validate-sbom.outputs.valid == 'true' && always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: vulnerability-scan-${{ steps.tag.outputs.tag }} path: |