From 6d865b3bd97e482881e5a7a5f83a756cab3f40ff Mon Sep 17 00:00:00 2001 From: Mihai Maruseac Date: Sun, 8 Oct 2023 08:37:45 -1000 Subject: [PATCH] Refresh all reusable actions to latest version (#81) Signed-off-by: Mihai Maruseac --- .github/workflows/presubmit-cabal.yaml | 4 ++-- .github/workflows/presubmit-stack.yaml | 4 ++-- .github/workflows/release.yaml | 6 +++--- .github/workflows/scorecards.yaml | 12 ++++++------ 4 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/presubmit-cabal.yaml b/.github/workflows/presubmit-cabal.yaml index a53f763..682fb36 100644 --- a/.github/workflows/presubmit-cabal.yaml +++ b/.github/workflows/presubmit-cabal.yaml @@ -17,9 +17,9 @@ jobs: fail-fast: false # don't cancel other jobs if one fails matrix: os: [ubuntu-latest, macos-latest, windows-latest] - ghc: ["8.10.7", "9.0.2", "9.2.7", "9.4.5", "9.6.1"] + ghc: [8.10.7, 9.0.2, 9.2.7, 9.4.5, 9.6.1] steps: - - name: "Checkout code" + - name: Checkout code uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 with: persist-credentials: false diff --git a/.github/workflows/presubmit-stack.yaml b/.github/workflows/presubmit-stack.yaml index 991d281..da3a4d0 100644 --- a/.github/workflows/presubmit-stack.yaml +++ b/.github/workflows/presubmit-stack.yaml @@ -21,9 +21,9 @@ jobs: # whereas all others (including Cabal ones) barely reach 50MB. Instead, # we only use nightly as the resolver, as this should handle the newest # GHC and is also the place where failures will be reported from Stack. - resolver: ["nightly"] + resolver: [nightly] steps: - - name: "Checkout code" + - name: Checkout code uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 with: persist-credentials: false diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 7cbfc34..941ba18 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -14,8 +14,8 @@ jobs: # Keep these in sync with a subset of Cabal-based CI matrix. This way, we # are not building a new cache here, just reusing an existing one. env: - os: "ubuntu-latest" - ghc: "9.4.4" + os: ubuntu-latest + ghc: 9.4.4 outputs: hash_sdist: ${{ steps.hash_sdist.outputs.hash_sdist }} hash_execs: ${{ steps.hash_execs.outputs.hash_execs }} @@ -143,7 +143,7 @@ jobs: name: sdist.zip - name: Upload assets - uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v0.1.15 + uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v1 with: files: ./* diff --git a/.github/workflows/scorecards.yaml b/.github/workflows/scorecards.yaml index 1856bb8..f4aa93e 100644 --- a/.github/workflows/scorecards.yaml +++ b/.github/workflows/scorecards.yaml @@ -19,19 +19,19 @@ jobs: id-token: write steps: - - name: "Checkout code" + - name: Checkout code uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 with: persist-credentials: false - - name: "Run analysis" - uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # v2.2.0 + - name: Run analysis + uses: ossf/scorecard-action@483ef80eb98fb506c348f7d62e28055e49fe2398 # v2.3.0 with: results_file: results.sarif results_format: sarif publish_results: true - - name: "Upload artifact" + - name: Upload artifact uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 with: name: SARIF file @@ -39,7 +39,7 @@ jobs: retention-days: 5 # Upload the results to GitHub's code scanning dashboard. - - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@f31a31c052207cc13b328d6295c5b728bb49568c # v2.13.1 + - name: Upload to code-scanning + uses: github/codeql-action/upload-sarif@2cb752a87e96af96708ab57187ab6372ee1973ab # v2.22.0 with: sarif_file: results.sarif