Upgrade GitHub Actions to latest versions (#6700)

Signed-off-by: Salman Muin Kayser Chishti <13schishti@gmail.com>
This commit is contained in:
Salman Chishti
2026-01-26 22:39:26 +00:00
committed by GitHub
parent 214f7a2735
commit 57fbffa7ad
25 changed files with 36 additions and 36 deletions
+2 -2
View File
@@ -80,13 +80,13 @@ jobs:
- name: Cache Cargo artifacts (Linux/macOS)
if: matrix.use-cross
uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2
uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2
with:
key: ${{ matrix.architecture }}-${{ matrix.target-suffix }}
- name: Cache Cargo artifacts (Windows)
if: matrix.use-docker
uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2
uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2
with:
key: ${{ matrix.architecture }}-${{ matrix.target-suffix }}
+2 -2
View File
@@ -64,7 +64,7 @@ jobs:
npm version ${{ inputs.version }} --no-git-tag-version --allow-same-version
- name: Cache Rust dependencies
uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2
uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2
with:
key: intel
@@ -139,7 +139,7 @@ jobs:
- name: Configure AWS credentials
if: ${{ inputs.signing }}
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4
uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # v5.1.1
with:
role-to-assume: "${{ secrets.OSX_CODESIGN_ROLE }}"
aws-region: us-west-2
+1 -1
View File
@@ -95,7 +95,7 @@ jobs:
run: source ./bin/activate-hermit && cargo install cross --git https://github.com/cross-rs/cross
- name: Cache Rust dependencies
uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2
uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2
with:
key: linux
+1 -1
View File
@@ -49,7 +49,7 @@ jobs:
- name: Configure AWS credentials
if: inputs.signing && inputs.signing == true
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # ratchet:aws-actions/configure-aws-credentials@v4
uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # v5.1.1
with:
role-to-assume: ${{ github.ref == 'refs/heads/main' && secrets.WINDOW_SIGNING_ROLE || secrets.WINDOW_SIGNING_ROLE_TAG }}
aws-region: us-west-2
+1 -1
View File
@@ -169,7 +169,7 @@ jobs:
- name: Configure AWS credentials
if: ${{ inputs.signing }}
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4
uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # v5.1.1
with:
role-to-assume: "${{ secrets.OSX_CODESIGN_ROLE }}"
aws-region: us-west-2
+1 -1
View File
@@ -109,7 +109,7 @@ jobs:
# Create/update the canary release
- name: Release canary
uses: ncipollo/release-action@440c8c1cb0ed28b9f43e4d1d670870f059653174 # pin@v1
uses: ncipollo/release-action@b7eabc95ff50cbeeedec83973935c8f306dfcd0b # v1.20.0
with:
tag: canary
name: Canary
+1 -1
View File
@@ -44,7 +44,7 @@ jobs:
fetch-depth: 0 # to generate complete release log
- uses: cashapp/activate-hermit@e49f5cb4dd64ff0b0b659d1d8df499595451155a # v1
- uses: astral-sh/setup-uv@d0cc045d04ccac9d8b7881df0226f9e82c39688e # v6
- uses: astral-sh/setup-uv@61cb8a9741eeb8a550a1b8544337180c0fc8476b # v7.2.0
- name: Validate input and set old version
run: |
@@ -74,7 +74,7 @@ jobs:
- name: Deploy to /gh-pages
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
uses: peaceiris/actions-gh-pages@373f7f263a76c20808c831209c920827a82a2847 # pin@v3
uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4.0.0
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
publish_dir: documentation/build
+1 -1
View File
@@ -191,7 +191,7 @@ jobs:
if: |
steps.extract.outputs.has_changes == 'true' &&
(github.event.inputs.dry_run != 'true' || github.event_name == 'release')
uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6
uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0
with:
branch: docs/auto-recipe-reference-${{ steps.versions.outputs.new_version }}
delete-branch: true
+1 -1
View File
@@ -219,7 +219,7 @@ jobs:
- name: Create Pull Request
if: steps.goose.outputs.has_changes == 'true'
uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # pin@v7.0.8
uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
commit-message: "fix: ${{ steps.issue.outputs.title }}"
+1 -1
View File
@@ -111,7 +111,7 @@ jobs:
# Create/update the nightly release
- name: Release nightly
uses: ncipollo/release-action@440c8c1cb0ed28b9f43e4d1d670870f059653174 # pin@v1
uses: ncipollo/release-action@b7eabc95ff50cbeeedec83973935c8f306dfcd0b # v1.20.0
with:
tag: ${{ needs.prepare-version.outputs.version }}
name: "Nightly ${{ needs.prepare-version.outputs.version }}"
+2 -2
View File
@@ -33,7 +33,7 @@ jobs:
head_sha: ${{ steps.set_head_sha.outputs.head_sha || github.sha }}
steps:
- name: Run command action
uses: github/command@v1.3.0
uses: github/command@v2.0.3
id: command
with:
command: ".build-cli"
@@ -78,7 +78,7 @@ jobs:
merge-multiple: true
- name: Comment on PR with CLI download links
uses: peter-evans/create-or-update-comment@v4
uses: peter-evans/create-or-update-comment@v5
with:
issue-number: ${{ needs.trigger-on-command.outputs.pr_number }}
body: |
@@ -36,7 +36,7 @@ jobs:
head_sha: ${{ steps.set_head_sha.outputs.head_sha || github.sha }}
steps:
- name: Run command action
uses: github/command@319d5236cc34ed2cb72a47c058a363db0b628ebe # pin@v1.3.0
uses: github/command@3442f3fa1efe01bdb024b157083c337902d17372 # v2.0.3
id: command
with:
command: ".bundle-intel"
@@ -85,7 +85,7 @@ jobs:
path: intel-dist
- name: Comment on PR with Intel download link
uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # pin@v4
uses: peter-evans/create-or-update-comment@e8674b075228eee787fea43ef493e45ece1004c9 # v5.0.0
with:
issue-number: ${{ needs.trigger-on-command.outputs.pr_number }}
body: |
@@ -39,7 +39,7 @@ jobs:
head_sha: ${{ steps.set_head_sha.outputs.head_sha || github.sha }}
steps:
- name: Run command action
uses: github/command@319d5236cc34ed2cb72a47c058a363db0b628ebe # pin@v1.3.0
uses: github/command@3442f3fa1efe01bdb024b157083c337902d17372 # v2.0.3
id: command
with:
command: ".bundle-windows"
@@ -86,7 +86,7 @@ jobs:
path: windows-dist
- name: Comment on PR with Windows download link
uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # pin@v4
uses: peter-evans/create-or-update-comment@e8674b075228eee787fea43ef493e45ece1004c9 # v5.0.0
with:
issue-number: ${{ needs.trigger-on-command.outputs.pr_number }}
body: |
+2 -2
View File
@@ -50,7 +50,7 @@ jobs:
echo "Repository: ${REPOSITORY}"
- name: Run command action
uses: github/command@319d5236cc34ed2cb72a47c058a363db0b628ebe # pin@v1.3.0
uses: github/command@3442f3fa1efe01bdb024b157083c337902d17372 # v2.0.3
id: command
with:
command: ".bundle"
@@ -127,7 +127,7 @@ jobs:
path: arm64-dist
- name: Comment on PR with ARM64 download link
uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # pin@v4
uses: peter-evans/create-or-update-comment@e8674b075228eee787fea43ef493e45ece1004c9 # v5.0.0
with:
issue-number: ${{ needs.trigger-on-command.outputs.pr_number }}
body: |
+1 -1
View File
@@ -149,7 +149,7 @@ jobs:
python-version: '3.12'
- name: Install uv (for error proxy)
uses: astral-sh/setup-uv@d0cc045d04ccac9d8b7881df0226f9e82c39688e # pin@v6
uses: astral-sh/setup-uv@61cb8a9741eeb8a550a1b8544337180c0fc8476b # v7.2.0
- name: Run Compaction Tests
env:
+2 -2
View File
@@ -40,7 +40,7 @@ jobs:
npm run build
- name: Deploy preview
uses: rossjrw/pr-preview-action@8ff09e486b4c23709012eedd3b42e9f0b95dd0c5 # v1
uses: rossjrw/pr-preview-action@ffa7509e91a3ec8dfc2e5536c4d5c1acdf7a6de9 # v1.8.1
if: ${{ github.event.pull_request.head.repo.full_name == 'block/goose' }}
with:
source-dir: documentation/build
@@ -56,7 +56,7 @@ jobs:
with:
fetch-depth: 0
- uses: astral-sh/setup-uv@38f3f104447c67c051c4a08e39b64a148898af3a # v4
- uses: astral-sh/setup-uv@61cb8a9741eeb8a550a1b8544337180c0fc8476b # v7.2.0
- name: Clean up gh-pages branch
run: |
+3 -3
View File
@@ -24,10 +24,10 @@ jobs:
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # pin@v3.11.1
uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
- name: Log in to GitHub Container Registry
uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # pin@v3.5.0
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
with:
registry: ghcr.io
username: ${{ github.actor }}
@@ -35,7 +35,7 @@ jobs:
- name: Extract metadata
id: meta
uses: docker/metadata-action@c1e51972afc2121e065aed6d45c65596fe445f3f # pin@v5.8.0
uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0
with:
images: ghcr.io/${{ github.repository_owner }}/goose
tags: |
@@ -21,7 +21,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
with:
egress-policy: audit
@@ -103,7 +103,7 @@ jobs:
- name: Set up Docker Buildx
if: steps.find_recipes.outputs.has_recipes == 'true' && steps.recipe_changes.outputs.recipe_files_changed == 'true'
uses: docker/setup-buildx-action@1583c0f09d26c58c59d25b0eef29792b7ce99d9a
uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
- name: Prune Docker caches
if: steps.find_recipes.outputs.has_recipes == 'true' && steps.recipe_changes.outputs.recipe_files_changed == 'true'
+1 -1
View File
@@ -18,7 +18,7 @@ jobs:
pull-requests: write
steps:
- name: Comment with download link
uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # pin@v4
uses: peter-evans/create-or-update-comment@e8674b075228eee787fea43ef493e45ece1004c9 # v5.0.0
with:
issue-number: ${{ github.event.number }}
body: |
+2 -2
View File
@@ -100,7 +100,7 @@ jobs:
# Create/update the versioned release
- name: Release versioned
uses: ncipollo/release-action@440c8c1cb0ed28b9f43e4d1d670870f059653174 # pin@v1
uses: ncipollo/release-action@b7eabc95ff50cbeeedec83973935c8f306dfcd0b # v1.20.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
artifacts: |
@@ -117,7 +117,7 @@ jobs:
# Create/update the stable release
- name: Release stable
uses: ncipollo/release-action@440c8c1cb0ed28b9f43e4d1d670870f059653174 # pin@v1
uses: ncipollo/release-action@b7eabc95ff50cbeeedec83973935c8f306dfcd0b # v1.20.0
with:
tag: stable
name: Stable
+1 -1
View File
@@ -73,6 +73,6 @@ jobs:
# Upload the results to GitHub's code scanning dashboard (optional).
# Commenting out will disable upload of results to your repo's Code Scanning dashboard
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@v3
uses: github/codeql-action/upload-sarif@v4
with:
sarif_file: results.sarif
+1 -1
View File
@@ -153,7 +153,7 @@ jobs:
- name: Create Pull Request
if: steps.find_untested.outputs.patch_created == 'true' && github.event.inputs.dry_run != 'true'
uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # pin@v7.0.8
uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
commit-message: "test: add test for ${{ steps.find_untested.outputs.function_name }}"
@@ -26,7 +26,7 @@ jobs:
steps:
- name: 'Download previous metrics'
uses: dawidd6/action-download-artifact@688efa90a08f3552e7c1420c8313e215164e8b14
uses: dawidd6/action-download-artifact@0bd50d53a6d7fb5cb921e607957e9cc12b4ce392 # v12
with:
name: health-metrics
path: .
+1 -1
View File
@@ -27,7 +27,7 @@ jobs:
path: './prior-version'
- uses: cashapp/activate-hermit@e49f5cb4dd64ff0b0b659d1d8df499595451155a # v1
- uses: astral-sh/setup-uv@d0cc045d04ccac9d8b7881df0226f9e82c39688e # v6
- uses: astral-sh/setup-uv@61cb8a9741eeb8a550a1b8544337180c0fc8476b # v7.2.0
- name: Extract version from branch name
env: