diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2f19788..a0f54bb 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 10 steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/setup-node@v6 with: @@ -43,7 +43,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 5 steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/setup-node@v6 with: @@ -71,7 +71,7 @@ jobs: matrix: shard: [1, 2, 3] steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/setup-node@v6 with: @@ -110,7 +110,7 @@ jobs: timeout-minutes: 10 needs: test steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/setup-node@v6 with: @@ -147,7 +147,7 @@ jobs: timeout-minutes: 10 needs: [typecheck, coverage] steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/setup-node@v6 with: @@ -173,7 +173,7 @@ jobs: # build artifact compiles under the flag, so a self-host-specific # regression cannot pass CI silently. steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/setup-node@v6 with: @@ -242,7 +242,7 @@ jobs: # guard, a Caddyfile parse error) precisely because nothing here built # and ran the image. This job closes that gap. steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Build the self-host image (amd64, native) run: docker build -t feedzero:smoke . diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 47f0a05..abbb643 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -56,7 +56,7 @@ jobs: steps: - name: Check out - uses: actions/checkout@v6 + uses: actions/checkout@v7 # Resolve the release version from the trigger and (except for the # SHA-only manual dispatch) refuse to publish if it disagrees with diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index 5de6a3e..319c5af 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -36,7 +36,7 @@ jobs: matrix: shard: [1, 2, 3, 4, 5, 6] steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/setup-node@v6 with: diff --git a/.github/workflows/preview-smoke.yml b/.github/workflows/preview-smoke.yml index 889e9ba..68dab92 100644 --- a/.github/workflows/preview-smoke.yml +++ b/.github/workflows/preview-smoke.yml @@ -46,7 +46,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 5 steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: # Check out the SHA Vercel actually deployed, not main HEAD. ref: ${{ github.event.deployment.sha }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 861f9d3..3fada93 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -20,11 +20,11 @@ jobs: prepare: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: ref: main fetch-depth: 0 - - uses: actions/setup-node@v4 + - uses: actions/setup-node@v6 with: node-version: 24 - run: npm ci diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 67c67f0..91b5c62 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -23,7 +23,7 @@ jobs: actions: read contents: read steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Initialize CodeQL uses: github/codeql-action/init@v4 @@ -46,7 +46,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: # gitleaks history scan needs full git history. fetch-depth: 0