diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f2edd1f7b1..1fdb718ca6 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -17,7 +17,7 @@ jobs: language: [javascript] steps: - name: Checkout - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 - name: Initialize CodeQL uses: github/codeql-action/init@423a04bb2cb7cd2643007122588f1387778f14d0 # v3.24.9 https://github.com/github/codeql-action/commit/423a04bb2cb7cd2643007122588f1387778f14d0 diff --git a/.github/workflows/create-hotfix.yml b/.github/workflows/create-hotfix.yml index 1f8f866d22..fc64afb2cf 100644 --- a/.github/workflows/create-hotfix.yml +++ b/.github/workflows/create-hotfix.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repo - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 with: # This makes Actions fetch all Git history so that Changesets can generate changelogs with the correct commits fetch-depth: 0 diff --git a/.github/workflows/label-new-issues.yml b/.github/workflows/label-new-issues.yml index ac8cde47e2..4fe3e4791b 100644 --- a/.github/workflows/label-new-issues.yml +++ b/.github/workflows/label-new-issues.yml @@ -20,7 +20,7 @@ jobs: ISSUE_NUMBER: ${{ github.event.issue.number }} REPOSITORY_NAME: ${{ github.event.repository.full_name }} steps: - - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + - uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 - name: Add pending-triage label shell: bash # run bash script to sanitize issue number and add label diff --git a/.github/workflows/publish-hotfix.yml b/.github/workflows/publish-hotfix.yml index 70ec0d0e0f..46b0070e1b 100644 --- a/.github/workflows/publish-hotfix.yml +++ b/.github/workflows/publish-hotfix.yml @@ -21,7 +21,7 @@ jobs: has-changesets: ${{ steps.has-changesets.outputs.has-changesets }} steps: - name: Checkout repo - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 with: # This makes Actions fetch all Git history so that Changesets can generate changelogs with the correct commits fetch-depth: 0 @@ -72,7 +72,7 @@ jobs: if: ${{ needs.setup.outputs.has-changesets != 'true' }} steps: - name: Checkout repo - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 with: # This makes Actions fetch all Git history so that Changesets can generate changelogs with the correct commits fetch-depth: 0 @@ -109,7 +109,7 @@ jobs: HEAD_BRANCH: "hotfix" steps: - name: Checkout repo - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 # Check if hotfix -> main PR already exists - name: Check for existing PR id: check-pr diff --git a/.github/workflows/publish-latest.yml b/.github/workflows/publish-latest.yml index 918dbd0dc0..ca491dd600 100644 --- a/.github/workflows/publish-latest.yml +++ b/.github/workflows/publish-latest.yml @@ -21,7 +21,7 @@ jobs: has-changesets: ${{ steps.has-changesets.outputs.has-changesets }} steps: - name: Checkout repo - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 with: # This makes Actions fetch all Git history so that Changesets can generate changelogs with the correct commits fetch-depth: 0 @@ -67,7 +67,7 @@ jobs: if: ${{ needs.setup.outputs.has-changesets != 'true' }} steps: - name: Checkout repo - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 with: # This makes Actions fetch all Git history so that Changesets can generate changelogs with the correct commits fetch-depth: 0 diff --git a/.github/workflows/receive-fork-review.yml b/.github/workflows/receive-fork-review.yml index e89565b24d..c9fccc4612 100644 --- a/.github/workflows/receive-fork-review.yml +++ b/.github/workflows/receive-fork-review.yml @@ -17,7 +17,7 @@ jobs: (github.event.pull_request.base.ref == 'main') runs-on: ubuntu-latest steps: - - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + - uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 # This is intended to pass commit id, base_sha, and pr number to run-e2e-on-fork workflow. # Reference: https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ - name: Save commit ID, base sha, and pull request number diff --git a/.github/workflows/reusable-build-system-test-react-native.yml b/.github/workflows/reusable-build-system-test-react-native.yml index ef7a13cea0..18df0f3804 100644 --- a/.github/workflows/reusable-build-system-test-react-native.yml +++ b/.github/workflows/reusable-build-system-test-react-native.yml @@ -113,7 +113,7 @@ jobs: EMULATOR_PORT: 5554 steps: - name: Checkout Amplify UI - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 with: persist-credentials: false - name: Setup Node.js ${{ matrix.node-version }} with ${{ matrix.pkg-manager }} diff --git a/.github/workflows/reusable-build-system-test.yml b/.github/workflows/reusable-build-system-test.yml index 8259e341e9..42e4089d37 100644 --- a/.github/workflows/reusable-build-system-test.yml +++ b/.github/workflows/reusable-build-system-test.yml @@ -91,7 +91,7 @@ jobs: steps: - name: Checkout Amplify UI - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 with: persist-credentials: false - name: Setup Node.js ${{ matrix.node-version }} with ${{ matrix.pkg-manager }} diff --git a/.github/workflows/reusable-e2e.yml b/.github/workflows/reusable-e2e.yml index f70ca515fd..45fcdb1dab 100644 --- a/.github/workflows/reusable-e2e.yml +++ b/.github/workflows/reusable-e2e.yml @@ -92,7 +92,7 @@ jobs: steps: - name: Checkout Amplify UI - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 with: # For `pull_request_target`, we want ref to point to `pull_request.head.ref` because `github.ref` # always points to the target branch. @@ -360,7 +360,7 @@ jobs: has-changed-packages: ${{ steps.has-rn-changed-packages.outputs.has-changed-packages }} steps: - name: Checkout Amplify UI - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 with: ref: ${{ inputs.commit }} repository: ${{ inputs.repository }} @@ -390,7 +390,7 @@ jobs: NODE_ENV: test steps: - name: Checkout Amplify UI - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 with: ref: ${{ inputs.commit }} repository: ${{ inputs.repository }} @@ -513,7 +513,7 @@ jobs: EMULATOR2_PORT: 5556 steps: - name: Checkout Amplify UI - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 with: # For `pull_request_target`, we want ref to point to `pull_request.head.ref` because `github.ref` # always points to the target branch. @@ -649,7 +649,7 @@ jobs: NODE_ENV: test steps: - name: Checkout Amplify UI - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 with: ref: ${{ inputs.commit }} repository: ${{ inputs.repository }} diff --git a/.github/workflows/reusable-setup-cache.yml b/.github/workflows/reusable-setup-cache.yml index 9cd2969b9b..35b4478490 100644 --- a/.github/workflows/reusable-setup-cache.yml +++ b/.github/workflows/reusable-setup-cache.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Amplify UI - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 with: ref: ${{ inputs.commit }} repository: ${{ inputs.repository }} diff --git a/.github/workflows/reusable-tagged-publish.yml b/.github/workflows/reusable-tagged-publish.yml index da2840048a..144061a249 100644 --- a/.github/workflows/reusable-tagged-publish.yml +++ b/.github/workflows/reusable-tagged-publish.yml @@ -22,7 +22,7 @@ jobs: if: ${{ inputs.dist-tag == '' || inputs.dist-tag == 'latest' }} run: exit 1 - name: Checkout repo - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 - name: Setup Node.js 20 uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 https://github.com/actions/setup-node/commit/60edb5dd545a775178f52524783378180af0d1f8 with: diff --git a/.github/workflows/reusable-unit.yml b/.github/workflows/reusable-unit.yml index 9529665fd1..1c91fddb77 100644 --- a/.github/workflows/reusable-unit.yml +++ b/.github/workflows/reusable-unit.yml @@ -36,7 +36,7 @@ jobs: steps: - name: Checkout Amplify UI - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 with: ref: ${{ inputs.commit }} repository: ${{ inputs.repository }} diff --git a/.github/workflows/test-fork-prs.yml b/.github/workflows/test-fork-prs.yml index 0ec7cee7c1..940ca07d96 100644 --- a/.github/workflows/test-fork-prs.yml +++ b/.github/workflows/test-fork-prs.yml @@ -119,7 +119,7 @@ jobs: .replace(/(\r\n|\n|\r)/gm, '') // remove last new line character .replace(/[^A-Za-z0-9]/g, ''); // remove non-alphanumeric characters - - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + - uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 - name: Set status to commit sha uses: aws-amplify/amplify-ui/.github/actions/set-status@main with: @@ -157,7 +157,7 @@ jobs: github.rest.issues.removeLabel({ owner: REPO_OWNER, repo: REPO_NAME, issue_number: ISSUE_NUMBER, name: LABEL_NAME }) - name: Checkout - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 with: ref: ${{ needs.setup.outputs.commit_id }} @@ -184,7 +184,7 @@ jobs: runs-on: ubuntu-latest steps: - name: 'Checkout Repository' - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 with: ref: ${{ needs.setup.outputs.commit_id }} repository: ${{ github.repository }} @@ -238,7 +238,7 @@ jobs: permissions: statuses: write # This is required for running set-status actions steps: - - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + - uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 - name: Update status when tests are successful uses: aws-amplify/amplify-ui/.github/actions/set-status@main with: @@ -256,7 +256,7 @@ jobs: permissions: statuses: write # This is required for running set-status actions steps: - - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + - uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 - name: Update status when PR tests are not successful uses: aws-amplify/amplify-ui/.github/actions/set-status@main with: diff --git a/.github/workflows/test-internal-prs.yml b/.github/workflows/test-internal-prs.yml index ee41622aaa..a820c3a37d 100644 --- a/.github/workflows/test-internal-prs.yml +++ b/.github/workflows/test-internal-prs.yml @@ -46,7 +46,7 @@ jobs: const { ISSUE_NUMBER, REPO_OWNER, REPO_NAME, LABEL_NAME } = process.env github.rest.issues.removeLabel({ owner: REPO_OWNER, repo: REPO_NAME, issue_number: ISSUE_NUMBER, name: LABEL_NAME }) - name: Checkout Repository - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 - name: Set status to commit sha uses: ./.github/actions/set-status with: @@ -62,7 +62,7 @@ jobs: needs: setup steps: - name: 'Checkout Repository' - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 - name: 'Dependency Review' uses: actions/dependency-review-action@0c155c5e8556a497adf53f2c18edabf945ed8e70 # https://github.com/actions/dependency-review-action/commit/[HASH] with: @@ -81,7 +81,7 @@ jobs: language: [javascript] steps: - name: Checkout - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 - name: Initialize CodeQL uses: github/codeql-action/init@423a04bb2cb7cd2643007122588f1387778f14d0 # v3.24.9 https://github.com/github/codeql-action/commit/423a04bb2cb7cd2643007122588f1387778f14d0 @@ -145,7 +145,7 @@ jobs: permissions: statuses: write # This is required for running set-status actions steps: - - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + - uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 - name: Update status when tests are successful uses: ./.github/actions/set-status with: @@ -162,7 +162,7 @@ jobs: permissions: statuses: write # This is required for running set-status actions steps: - - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + - uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 - name: Update status when tests are not successful uses: ./.github/actions/set-status with: diff --git a/.github/workflows/version-packages.yml b/.github/workflows/version-packages.yml index b1e7a55df0..4236b14c50 100644 --- a/.github/workflows/version-packages.yml +++ b/.github/workflows/version-packages.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repo - uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 + uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017 with: # This makes Actions fetch all Git history so that Changesets can generate changelogs with the correct commits fetch-depth: 0