diff --git a/.github/workflows/ai-issue-triage.yml b/.github/workflows/ai-issue-triage.yml index 388961540..71d113b2e 100644 --- a/.github/workflows/ai-issue-triage.yml +++ b/.github/workflows/ai-issue-triage.yml @@ -25,7 +25,7 @@ jobs: contents: read steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: sparse-checkout: | dream-server/ @@ -63,7 +63,7 @@ jobs: } >> $GITHUB_OUTPUT - name: AI Triage - uses: anthropics/claude-code-action@9db782c3a17ef2bfc274cd17411bc3e0a5ba1345 # v1 + uses: anthropics/claude-code-action@70a6e5256e9e2366a1ed5c041904a982ba3a328f # v1 with: github_token: ${{ secrets.GITHUB_TOKEN }} anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} diff --git a/.github/workflows/autonomous-code-scanner.yml b/.github/workflows/autonomous-code-scanner.yml index 9114fe209..02c2b3e72 100644 --- a/.github/workflows/autonomous-code-scanner.yml +++ b/.github/workflows/autonomous-code-scanner.yml @@ -37,7 +37,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 @@ -117,7 +117,7 @@ jobs: echo "- **Total**: $TOTAL files" >> $GITHUB_STEP_SUMMARY - name: Upload scannable file lists - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: scannable-files path: | @@ -139,7 +139,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Set up Python uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 @@ -215,7 +215,7 @@ jobs: - name: Upload formatting summary and patch if: steps.detect-changes.outputs.has_changes == 'true' - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: formatting-changes path: | @@ -237,7 +237,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Set up Python uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 @@ -324,7 +324,7 @@ jobs: - name: Upload security findings if: steps.analyze-findings.outputs.has_findings == 'true' - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: security-findings path: | @@ -415,7 +415,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Set up Python uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 @@ -566,7 +566,7 @@ jobs: - name: Upload type hints suggestions if: steps.analyze.outputs.has_suggestions == 'true' - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: type-hints-suggestions path: | @@ -590,7 +590,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Set up Python uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 @@ -742,7 +742,7 @@ jobs: - name: Upload documentation suggestions if: steps.analyze.outputs.has_suggestions == 'true' - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: documentation-suggestions path: | @@ -778,7 +778,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ secrets.GITHUB_TOKEN }} fetch-depth: 0 diff --git a/.github/workflows/claude-review.yml b/.github/workflows/claude-review.yml index 89b8a82ee..50a63a794 100644 --- a/.github/workflows/claude-review.yml +++ b/.github/workflows/claude-review.yml @@ -76,7 +76,7 @@ jobs: - name: Checkout code if: steps.fork_check.outputs.is_fork != 'true' - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 @@ -111,7 +111,7 @@ jobs: if: | steps.fork_check.outputs.is_fork != 'true' && (steps.pr_size.outputs.skip_review == 'false' || contains(github.event.pull_request.labels.*.name, 'force-review')) - uses: anthropics/claude-code-action@9db782c3a17ef2bfc274cd17411bc3e0a5ba1345 # v1 + uses: anthropics/claude-code-action@70a6e5256e9e2366a1ed5c041904a982ba3a328f # v1 with: claude_args: | code-review --comment \ @@ -161,7 +161,7 @@ jobs: fi - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 @@ -259,7 +259,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 @@ -318,14 +318,14 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 token: ${{ secrets.GITHUB_TOKEN }} - name: Run Claude Code Review with write permissions id: review - uses: anthropics/claude-code-action@9db782c3a17ef2bfc274cd17411bc3e0a5ba1345 # v1 + uses: anthropics/claude-code-action@70a6e5256e9e2366a1ed5c041904a982ba3a328f # v1 with: claude_args: | code-review \ diff --git a/.github/workflows/dashboard.yml b/.github/workflows/dashboard.yml index 448618653..4a9556751 100644 --- a/.github/workflows/dashboard.yml +++ b/.github/workflows/dashboard.yml @@ -15,7 +15,7 @@ jobs: working-directory: dream-server/extensions/services/dashboard steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Setup Node uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6 @@ -41,7 +41,7 @@ jobs: working-directory: dream-server/extensions/services/dashboard-api steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Setup Python uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6 diff --git a/.github/workflows/issue-to-pr.yml b/.github/workflows/issue-to-pr.yml index 1c15cbf89..b4d558859 100644 --- a/.github/workflows/issue-to-pr.yml +++ b/.github/workflows/issue-to-pr.yml @@ -69,13 +69,13 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 token: ${{ secrets.GITHUB_TOKEN }} - name: Setup Node.js - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 + uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: node-version: 20 @@ -138,7 +138,7 @@ jobs: - name: Upload patch artifact if: steps.detect.outputs.has_changes == 'true' - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: issue-fix-patch path: /tmp/patch/issue-fix.patch @@ -164,7 +164,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Setup Python uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 @@ -305,7 +305,7 @@ jobs: - name: Upload clean patch if: steps.final.outputs.passed == 'true' - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: issue-fix-clean-patch path: /tmp/clean-patch/issue-fix-clean.patch @@ -328,7 +328,7 @@ jobs: # ---- Success path ---- - name: Checkout repository if: needs.guardrails.outputs.passed == 'true' - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/lint-powershell.yml b/.github/workflows/lint-powershell.yml index f5936a4c1..104b1fcc0 100644 --- a/.github/workflows/lint-powershell.yml +++ b/.github/workflows/lint-powershell.yml @@ -19,7 +19,7 @@ jobs: working-directory: dream-server steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Install PSScriptAnalyzer shell: pwsh diff --git a/.github/workflows/lint-python.yml b/.github/workflows/lint-python.yml index e1ff827e6..5ec9ddbc4 100644 --- a/.github/workflows/lint-python.yml +++ b/.github/workflows/lint-python.yml @@ -14,7 +14,7 @@ jobs: name: Lint Python with Ruff runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Set up Python uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6 diff --git a/.github/workflows/lint-shell.yml b/.github/workflows/lint-shell.yml index 9ad5c0443..ba0630669 100644 --- a/.github/workflows/lint-shell.yml +++ b/.github/workflows/lint-shell.yml @@ -14,7 +14,7 @@ jobs: name: Lint shell scripts runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Install ShellCheck run: | diff --git a/.github/workflows/matrix-smoke.yml b/.github/workflows/matrix-smoke.yml index 0ace8c5b2..db3287757 100644 --- a/.github/workflows/matrix-smoke.yml +++ b/.github/workflows/matrix-smoke.yml @@ -18,7 +18,7 @@ jobs: working-directory: dream-server steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: persist-credentials: false @@ -119,7 +119,7 @@ jobs: fi - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: persist-credentials: false @@ -194,7 +194,7 @@ jobs: working-directory: dream-server steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: persist-credentials: false diff --git a/.github/workflows/nightly-code-review.yml b/.github/workflows/nightly-code-review.yml index 783c7e154..a6ac99d1c 100644 --- a/.github/workflows/nightly-code-review.yml +++ b/.github/workflows/nightly-code-review.yml @@ -34,7 +34,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 @@ -82,7 +82,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 token: ${{ secrets.GITHUB_TOKEN }} @@ -98,7 +98,7 @@ jobs: echo "Required secrets present" - name: Setup Node.js - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 + uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: node-version: 20 @@ -187,7 +187,7 @@ jobs: - name: Upload patch if: steps.check-changes.outputs.has_improvements == 'true' - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: code-improvements-patch path: /tmp/code-improvements.patch @@ -205,7 +205,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/nightly-docs-update.yml b/.github/workflows/nightly-docs-update.yml index 5d56b3cb2..20d45b80f 100644 --- a/.github/workflows/nightly-docs-update.yml +++ b/.github/workflows/nightly-docs-update.yml @@ -34,7 +34,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 @@ -165,7 +165,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 token: ${{ secrets.GITHUB_TOKEN }} @@ -181,7 +181,7 @@ jobs: echo "Required secrets present" - name: Setup Node.js - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 + uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: node-version: 20 diff --git a/.github/workflows/openclaw-image-diff.yml b/.github/workflows/openclaw-image-diff.yml index 7ae3de129..06c82945d 100644 --- a/.github/workflows/openclaw-image-diff.yml +++ b/.github/workflows/openclaw-image-diff.yml @@ -38,7 +38,7 @@ jobs: env: OPENCLAW_IMAGE: ghcr.io/openclaw/openclaw:2026.3.8 steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Pull openclaw image run: docker pull "$OPENCLAW_IMAGE" diff --git a/.github/workflows/release-notes.yml b/.github/workflows/release-notes.yml index ae073131b..f04cabfe1 100644 --- a/.github/workflows/release-notes.yml +++ b/.github/workflows/release-notes.yml @@ -28,7 +28,7 @@ jobs: RELEASE_TAG: ${{ github.event.release.tag_name || inputs.tag }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 @@ -61,7 +61,7 @@ jobs: echo "Previous release: $PREV_TAG" - name: Generate Release Notes - uses: anthropics/claude-code-action@9db782c3a17ef2bfc274cd17411bc3e0a5ba1345 # v1 + uses: anthropics/claude-code-action@70a6e5256e9e2366a1ed5c041904a982ba3a328f # v1 with: github_token: ${{ secrets.GITHUB_TOKEN }} anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} diff --git a/.github/workflows/secret-scan.yml b/.github/workflows/secret-scan.yml index cfec95a3f..631e635fd 100644 --- a/.github/workflows/secret-scan.yml +++ b/.github/workflows/secret-scan.yml @@ -14,7 +14,7 @@ jobs: name: Scan for secrets runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: fetch-depth: 0 diff --git a/.github/workflows/test-linux.yml b/.github/workflows/test-linux.yml index 7381eb504..4dcaa918b 100644 --- a/.github/workflows/test-linux.yml +++ b/.github/workflows/test-linux.yml @@ -15,7 +15,7 @@ jobs: working-directory: dream-server steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Docs Link Checks run: bash tests/test-doc-links.sh diff --git a/.github/workflows/type-check-python.yml b/.github/workflows/type-check-python.yml index 94712e1c8..10e888f16 100644 --- a/.github/workflows/type-check-python.yml +++ b/.github/workflows/type-check-python.yml @@ -20,7 +20,7 @@ jobs: name: Type check with mypy runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Set up Python uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6 diff --git a/.github/workflows/validate-catalog.yml b/.github/workflows/validate-catalog.yml index 0ce150aad..7ad08077e 100644 --- a/.github/workflows/validate-catalog.yml +++ b/.github/workflows/validate-catalog.yml @@ -22,7 +22,7 @@ jobs: name: Check catalog is up-to-date runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Set up Python uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6 diff --git a/.github/workflows/validate-compose.yml b/.github/workflows/validate-compose.yml index 20f1d9d20..d72c2db7f 100644 --- a/.github/workflows/validate-compose.yml +++ b/.github/workflows/validate-compose.yml @@ -26,7 +26,7 @@ jobs: name: Validate Docker Compose files runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Validate main docker-compose.base.yml env: diff --git a/.github/workflows/validate-env.yml b/.github/workflows/validate-env.yml index c9f1057e0..725b78bc9 100644 --- a/.github/workflows/validate-env.yml +++ b/.github/workflows/validate-env.yml @@ -20,7 +20,7 @@ jobs: working-directory: dream-server steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Install jq run: sudo apt-get install -y -qq jq