diff --git a/.github/workflows/api.yml b/.github/workflows/api.yml index cef3698872..cadb2a9398 100644 --- a/.github/workflows/api.yml +++ b/.github/workflows/api.yml @@ -18,9 +18,9 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 + - uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version-file: .nvmrc cache: "npm" @@ -29,7 +29,7 @@ jobs: - name: Run build run: make build - - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 + - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: mattermost-api-reference path: api/v4/html diff --git a/.github/workflows/build-opensearch-image.yml b/.github/workflows/build-opensearch-image.yml index d1e07553ac..020bc83641 100644 --- a/.github/workflows/build-opensearch-image.yml +++ b/.github/workflows/build-opensearch-image.yml @@ -13,16 +13,16 @@ jobs: runs-on: ubuntu-22.04 steps: - name: opensearch/checkout-repo - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: opensearch/docker-login - uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 + uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 with: username: ${{ secrets.DOCKERHUB_DEV_USERNAME }} password: ${{ secrets.DOCKERHUB_DEV_TOKEN }} - name: opensearch/build-and-push - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: provenance: false file: server/build/Dockerfile.opensearch diff --git a/.github/workflows/build-server-image.yml b/.github/workflows/build-server-image.yml index 215d1c0729..4aeba25ef0 100644 --- a/.github/workflows/build-server-image.yml +++ b/.github/workflows/build-server-image.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: buildenv/checkout-repo - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: buildenv/calculate-golang-version working-directory: server/ @@ -21,13 +21,13 @@ jobs: run: echo GO_VERSION=$(cat .go-version) >> "${GITHUB_OUTPUT}" - name: buildenv/docker-login - uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 + uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 with: username: ${{ secrets.DOCKERHUB_DEV_USERNAME }} password: ${{ secrets.DOCKERHUB_DEV_TOKEN }} - name: buildenv/build-and-push - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: provenance: false file: server/build/Dockerfile.buildenv diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 6d98f3d327..6bec2f27b0 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -25,22 +25,22 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} debug: false config-file: ./.github/codeql/codeql-config.yml - name: Build JavaScript - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@v3 if: ${{ matrix.language == 'javascript' }} - name: Setup go - uses: actions/setup-go@v2 + uses: actions/setup-go@v5 with: go-version: '1.22' if: ${{ matrix.language == 'go' }} @@ -55,4 +55,4 @@ jobs: # Perform Analysis - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/docker-push-mirrored.yml b/.github/workflows/docker-push-mirrored.yml index dd13edcdbd..e037b58e15 100644 --- a/.github/workflows/docker-push-mirrored.yml +++ b/.github/workflows/docker-push-mirrored.yml @@ -14,9 +14,9 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout mattermost project - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: cd/Login to Docker Hub - uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 + uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 with: username: ${{ secrets.DOCKERHUB_DEV_USERNAME }} password: ${{ secrets.DOCKERHUB_DEV_TOKEN }} diff --git a/.github/workflows/e2e-fulltests-ci.yml b/.github/workflows/e2e-fulltests-ci.yml index 4df049636e..19e40dbc81 100644 --- a/.github/workflows/e2e-fulltests-ci.yml +++ b/.github/workflows/e2e-fulltests-ci.yml @@ -105,7 +105,7 @@ jobs: MM_SERVICE_OVERRIDES: "${{ inputs.MM_SERVICE_OVERRIDES }}" steps: - name: ci/checkout-repo - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: "${{ inputs.ref || github.sha }}" fetch-depth: 0 diff --git a/.github/workflows/e2e-tests-ci-template.yml b/.github/workflows/e2e-tests-ci-template.yml index 92e341b628..9b78368ea2 100644 --- a/.github/workflows/e2e-tests-ci-template.yml +++ b/.github/workflows/e2e-tests-ci-template.yml @@ -118,13 +118,13 @@ jobs: steps: - name: ci/checkout-repo if: "${{ inputs.run_preflight_checks }}" - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ inputs.commit_sha }} fetch-depth: 0 - name: ci/setup-node if: "${{ inputs.run_preflight_checks }}" - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 id: setup_node with: node-version-file: ".nvmrc" @@ -149,13 +149,13 @@ jobs: steps: - name: ci/checkout-repo if: "${{ inputs.run_preflight_checks }}" - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ inputs.commit_sha }} fetch-depth: 0 - name: ci/setup-node if: "${{ inputs.run_preflight_checks }}" - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 id: setup_node with: node-version-file: ".nvmrc" @@ -186,7 +186,7 @@ jobs: steps: - name: ci/checkout-repo if: "${{ inputs.run_preflight_checks }}" - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ inputs.commit_sha }} fetch-depth: 0 @@ -206,7 +206,7 @@ jobs: node-cache-dependency-path: "${{ steps.generate.outputs.node-cache-dependency-path }}" steps: - name: ci/checkout-repo - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ inputs.commit_sha }} fetch-depth: 0 @@ -232,12 +232,12 @@ jobs: status_check_url: "${{ steps.e2e-test-gencycle.outputs.status_check_url }}" steps: - name: ci/checkout-repo - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ inputs.commit_sha }} fetch-depth: 0 - name: ci/setup-node - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 id: setup_node with: node-version-file: ".nvmrc" @@ -310,7 +310,7 @@ jobs: ROLLING_RELEASE_SERVER_IMAGE: "${{ inputs.ROLLING_RELEASE_SERVER_IMAGE }}" steps: - name: ci/checkout-repo - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ inputs.commit_sha }} fetch-depth: 0 @@ -324,7 +324,7 @@ jobs: ln -sfn /usr/local/opt/docker-compose/bin/docker-compose ~/.docker/cli-plugins/docker-compose sudo ln -sf $HOME/.colima/default/docker.sock /var/run/docker.sock - name: ci/setup-node - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 id: setup_node with: node-version-file: ".nvmrc" @@ -357,7 +357,7 @@ jobs: make make cloud-teardown - name: ci/e2e-test-store-results - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 if: always() with: name: e2e-test-results-${{ inputs.TEST }}-${{ matrix.os }}-${{ matrix.worker_index }} @@ -383,17 +383,17 @@ jobs: commit_status_message: "${{ steps.calculate-results.outputs.commit_status_message }}" steps: - name: ci/checkout-repo - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ inputs.commit_sha }} fetch-depth: 0 - name: ci/download-artifacts - uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: path: e2e-tests/${{ inputs.TEST }}/ merge-multiple: true - name: ci/upload-report-global - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: e2e-test-results-${{ inputs.TEST }} path: | @@ -401,7 +401,7 @@ jobs: e2e-tests/${{ inputs.TEST }}/results/ - name: ci/setup-node if: "${{ inputs.enable_reporting }}" - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 id: setup_node with: node-version-file: ".nvmrc" @@ -426,7 +426,7 @@ jobs: # The results dir may have been modified as part of the reporting: re-upload - name: ci/upload-report-global if: "${{ inputs.enable_reporting }}" - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: e2e-test-results-${{ inputs.TEST }} path: | diff --git a/.github/workflows/esrupgrade-common.yml b/.github/workflows/esrupgrade-common.yml index b1800ab38b..2faefc57ae 100644 --- a/.github/workflows/esrupgrade-common.yml +++ b/.github/workflows/esrupgrade-common.yml @@ -27,7 +27,7 @@ jobs: timeout-minutes: 30 steps: - name: Checkout mattermost project - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Run docker compose run: | cd server/build @@ -89,7 +89,7 @@ jobs: # We skip the very last line, which simply contains the date of the dump head -n -1 ${DUMP_SERVER_NAME} | gzip > ${DUMP_SERVER_NAME}.gz - name: Upload dump - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: upgraded-dump-server path: ${{ env.DUMP_SERVER_NAME }}.gz @@ -98,7 +98,7 @@ jobs: timeout-minutes: 30 steps: - name: Checkout mattermost project - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Run docker compose run: | cd server/build @@ -134,7 +134,7 @@ jobs: # We skip the very last line, which simply contains the date of the dump head -n -1 ${DUMP_SCRIPT_NAME} | gzip > ${DUMP_SCRIPT_NAME}.gz - name: Upload dump - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: upgraded-dump-script path: ${{ env.DUMP_SCRIPT_NAME }}.gz @@ -145,7 +145,7 @@ jobs: - esr-upgrade-script steps: - name: Retrieve dumps - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 - name: Diff dumps run: | gzip -d upgraded-dump-server/${DUMP_SERVER_NAME}.gz @@ -153,7 +153,7 @@ jobs: diff upgraded-dump-server/$DUMP_SERVER_NAME upgraded-dump-script/$DUMP_SCRIPT_NAME > $DIFF_NAME - name: Upload diff if: failure() # Upload the diff only if the previous step failed; i.e., if the diff is non-empty - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: dumps-diff path: ${{ env.DIFF_NAME }} diff --git a/.github/workflows/i18n-ci-template.yml b/.github/workflows/i18n-ci-template.yml index 44d7714165..ded75cd386 100644 --- a/.github/workflows/i18n-ci-template.yml +++ b/.github/workflows/i18n-ci-template.yml @@ -11,11 +11,11 @@ jobs: if: github.event.pull_request.user.login != 'weblate' # Allow weblate to modify non-English steps: - name: Checkout code - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Get changed files id: changed-files - uses: tj-actions/changed-files@95690f9ece77c1740f4a55b7f1de9023ed6b1f87 # v39.2.3 + uses: tj-actions/changed-files@c3a1bb2c992d77180ae65be6ae6c166cf40f857c # v45.0.3 with: files: | server/i18n/*.json diff --git a/.github/workflows/migration-assist-sync.yml b/.github/workflows/migration-assist-sync.yml index 9485bbd78f..e4642f2204 100644 --- a/.github/workflows/migration-assist-sync.yml +++ b/.github/workflows/migration-assist-sync.yml @@ -15,9 +15,9 @@ jobs: working-directory: server steps: - name: Checkout mattermost project - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Checkout migration-assist project - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: repository: mattermost/migration-assist ref: main diff --git a/.github/workflows/migration.yml b/.github/workflows/migration.yml index f5e506dfb7..54548d008c 100644 --- a/.github/workflows/migration.yml +++ b/.github/workflows/migration.yml @@ -13,7 +13,7 @@ jobs: working-directory: server steps: - name: Checkout mattermost project - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Calculate Golang Version id: go working-directory: ./server @@ -66,7 +66,7 @@ jobs: $TEST_IMAGE \ make test-migration - name: Upload artifacts - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: Migration logs path: server/migration.log diff --git a/.github/workflows/mmctl-test-template.yml b/.github/workflows/mmctl-test-template.yml index 0ec04673a0..697eaba9fd 100644 --- a/.github/workflows/mmctl-test-template.yml +++ b/.github/workflows/mmctl-test-template.yml @@ -23,13 +23,13 @@ jobs: COMPOSE_PROJECT_NAME: ghactions steps: - name: Checkout mattermost project - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Calculate Golang Version id: go working-directory: ./server run: echo GO_VERSION=$(cat .go-version) >> "${GITHUB_OUTPUT}" - name: Setup Go - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ steps.go.outputs.GO_VERSION }} cache-dependency-path: server/go.sum @@ -74,14 +74,14 @@ jobs: docker compose --ansi never stop - name: Archive logs if: ${{ always() }} - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: ${{ inputs.logsartifact }} path: | server/gotestsum.json server/report.xml - name: Publish Test Report - uses: mikepenz/action-junit-report@c0e4b81aaa0067314a2d0d06e19b512c9d8af4f5 # v3.7.7 + uses: mikepenz/action-junit-report@db71d41eb79864e25ab0337e395c352e84523afe # v4.3.1 if: success() || failure() # always run even if the previous step fails with: report_paths: server/report.xml diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml index 46ff7a9532..b0f616c45e 100644 --- a/.github/workflows/scorecards-analysis.yml +++ b/.github/workflows/scorecards-analysis.yml @@ -21,12 +21,12 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2 + uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0 with: results_file: results.sarif results_format: sarif @@ -48,7 +48,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: SARIF file path: results.sarif @@ -56,6 +56,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@17573ee1cc1b9d061760f3a006fc4aac4f944fd5 # v2.2.4 + uses: github/codeql-action/upload-sarif@6a89f57882288b3d2f190cda65000eec9e9ebb7c # v2.27.0 with: sarif_file: results.sarif diff --git a/.github/workflows/sentry.yaml b/.github/workflows/sentry.yaml index 65d9bbbcd6..0a7b0d5493 100644 --- a/.github/workflows/sentry.yaml +++ b/.github/workflows/sentry.yaml @@ -18,7 +18,7 @@ jobs: SENTRY_PROJECT: ${{ secrets.MM_SERVER_SENTRY_PROJECT }} steps: - name: cd/Checkout mattermost project - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: cd/Create Sentry release - uses: getsentry/action-release@85e0095193a153d57c458995f99d0afd81b9e5ea # v1.3.0 + uses: getsentry/action-release@e769183448303de84c5a06aaaddf9da7be26d6c7 # v1.7.0 diff --git a/.github/workflows/server-ci-artifacts.yml b/.github/workflows/server-ci-artifacts.yml index a548b2086d..6b13fbc42b 100644 --- a/.github/workflows/server-ci-artifacts.yml +++ b/.github/workflows/server-ci-artifacts.yml @@ -40,7 +40,7 @@ jobs: aws-secret-access-key: ${{ secrets.PR_BUILDS_BUCKET_AWS_SECRET_ACCESS_KEY }} - name: cd/download-artifacts-from-PR-workflow - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: run-id: ${{ github.event.workflow_run.id }} github-token: ${{ github.token }} @@ -77,18 +77,18 @@ jobs: TAG: ${{ steps.set_tag.outputs.TAG }} steps: - name: cd/docker-login - uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 + uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 with: username: mattermostdev password: ${{ secrets.DOCKERHUB_DEV_TOKEN }} - name: cd/setup-cosign - uses: sigstore/cosign-installer@11086d25041f77fe8fe7b9ea4e48e3b9192b8f19 # v3.1.2 + uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 with: cosign-release: v${{ env.COSIGN_VERSION }} - name: cd/download-artifacts-from-PR-workflow - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: run-id: ${{ github.event.workflow_run.id }} github-token: ${{ github.token }} @@ -96,7 +96,7 @@ jobs: path: server/build/ - name: cd/setup-docker-buildx - uses: docker/setup-buildx-action@0d103c3126aa41d772a8362f6aa67afac040f80c # v3.1.0 + uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 - name: cd/set-docker-tag id: set_tag diff --git a/.github/workflows/server-ci-template.yml b/.github/workflows/server-ci-template.yml index 1d67dd2d05..61fd912264 100644 --- a/.github/workflows/server-ci-template.yml +++ b/.github/workflows/server-ci-template.yml @@ -14,12 +14,12 @@ jobs: working-directory: server steps: - name: Checkout mattermost project - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Calculate Golang Version id: go run: echo GO_VERSION=$(cat .go-version) >> "${GITHUB_OUTPUT}" - name: Setup Go - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ steps.go.outputs.GO_VERSION }} cache-dependency-path: | @@ -39,12 +39,12 @@ jobs: working-directory: server steps: - name: Checkout mattermost project - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Calculate Golang Version id: go run: echo GO_VERSION=$(cat .go-version) >> "${GITHUB_OUTPUT}" - name: Setup Go - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ steps.go.outputs.GO_VERSION }} cache-dependency-path: | @@ -64,12 +64,12 @@ jobs: working-directory: server steps: - name: Checkout mattermost project - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Calculate Golang Version id: go run: echo GO_VERSION=$(cat .go-version) >> "${GITHUB_OUTPUT}" - name: Setup Go - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ steps.go.outputs.GO_VERSION }} cache-dependency-path: | @@ -87,12 +87,12 @@ jobs: working-directory: server steps: - name: Checkout mattermost project - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Calculate Golang Version id: go run: echo GO_VERSION=$(cat .go-version) >> "${GITHUB_OUTPUT}" - name: Setup Go - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ steps.go.outputs.GO_VERSION }} cache-dependency-path: | @@ -112,12 +112,12 @@ jobs: working-directory: server steps: - name: Checkout mattermost project - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Calculate Golang Version id: go run: echo GO_VERSION=$(cat .go-version) >> "${GITHUB_OUTPUT}" - name: Setup Go - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ steps.go.outputs.GO_VERSION }} cache-dependency-path: | @@ -139,12 +139,12 @@ jobs: working-directory: server steps: - name: Checkout mattermost project - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Calculate Golang Version id: go run: echo GO_VERSION=$(cat .go-version) >> "${GITHUB_OUTPUT}" - name: Setup Go - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ steps.go.outputs.GO_VERSION }} cache-dependency-path: | @@ -162,7 +162,7 @@ jobs: working-directory: server steps: - name: Checkout mattermost project - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Extract migrations files run: make migrations-extract - name: Check migration files @@ -175,7 +175,7 @@ jobs: working-directory: server steps: - name: Checkout mattermost project - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Generate email templates run: | sudo npm install -g mjml@4.9.0 @@ -190,12 +190,12 @@ jobs: working-directory: server steps: - name: Checkout mattermost project - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Calculate Golang Version id: go run: echo GO_VERSION=$(cat .go-version) >> "${GITHUB_OUTPUT}" - name: Setup Go - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ steps.go.outputs.GO_VERSION }} cache-dependency-path: | @@ -215,12 +215,12 @@ jobs: working-directory: server steps: - name: Checkout mattermost project - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Calculate Golang Version id: go run: echo GO_VERSION=$(cat .go-version) >> "${GITHUB_OUTPUT}" - name: Setup Go - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ steps.go.outputs.GO_VERSION }} cache-dependency-path: | @@ -240,12 +240,12 @@ jobs: working-directory: server steps: - name: Checkout mattermost-server - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Calculate Golang Version id: go run: echo GO_VERSION=$(cat .go-version) >> "${GITHUB_OUTPUT}" - name: Setup Go - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ steps.go.outputs.GO_VERSION }} cache-dependency-path: | @@ -307,19 +307,19 @@ jobs: needs: check-mattermost-vet steps: - name: Checkout mattermost project - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Calculate Golang Version id: go run: echo GO_VERSION=$(cat .go-version) >> "${GITHUB_OUTPUT}" - name: Setup Go - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ steps.go.outputs.GO_VERSION }} cache-dependency-path: | server/go.sum server/public/go.sum - name: ci/setup-node - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 id: setup_node with: node-version-file: ".nvmrc" @@ -333,7 +333,7 @@ jobs: make build-cmd BUILD_NUMBER='${GITHUB_HEAD_REF}-${GITHUB_RUN_ID}' make package BUILD_NUMBER='${GITHUB_HEAD_REF}-${GITHUB_RUN_ID}' - name: Persist dist artifacts - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: server-dist-artifact path: server/dist/ @@ -341,7 +341,7 @@ jobs: compression-level: 0 retention-days: 2 - name: Persist build artifacts - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: server-build-artifact path: server/build/ diff --git a/.github/workflows/server-test-template.yml b/.github/workflows/server-test-template.yml index 2e46be3f3a..3deb3f7d72 100644 --- a/.github/workflows/server-test-template.yml +++ b/.github/workflows/server-test-template.yml @@ -23,13 +23,13 @@ jobs: COMPOSE_PROJECT_NAME: ghactions steps: - name: Checkout mattermost project - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Calculate Golang Version id: go working-directory: ./server run: echo GO_VERSION=$(cat .go-version) >> "${GITHUB_OUTPUT}" - name: Setup Go - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ steps.go.outputs.GO_VERSION }} cache-dependency-path: server/go.sum @@ -66,7 +66,7 @@ jobs: docker compose --ansi never stop - name: Archive logs if: ${{ always() }} - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: ${{ inputs.logsartifact }} path: | @@ -74,7 +74,7 @@ jobs: server/report.xml - name: Publish test report id: report - uses: mikepenz/action-junit-report@dfc44cebdda1e40b1e3c3b244a84dc303b952fb0 # v3.7.7 + count retries + check urls from https://github.com/lieut-data/action-junit-report + uses: mikepenz/action-junit-report@db71d41eb79864e25ab0337e395c352e84523afe # v3.7.7 + count retries + check urls from https://github.com/lieut-data/action-junit-report if: success() || failure() # always run even if the previous step fails with: report_paths: server/report.xml @@ -91,7 +91,7 @@ jobs: * Ideally, this would have been caught in a pull request, but now a volunteer is required. If you're willing to help, submit a separate pull request to skip the flaky tests (e.g. [23360](https://github.com/mattermost/mattermost/pull/23360)) and file JIRA ticket (e.g. [MM-52743](https://mattermost.atlassian.net/browse/MM-52743)) for later investigation. * Finally, reply to this message with a link to the created JIRA ticket. - name: Report retried tests (pull request) - uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6.4.1 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 if: ${{ steps.report.outputs.retried > 0 && !(github.ref_name == 'master' || startsWith(github.ref_name, 'release-')) }} with: script: | diff --git a/.github/workflows/tag-public-module.yaml b/.github/workflows/tag-public-module.yaml index 92f2f13eb3..c70c78c059 100644 --- a/.github/workflows/tag-public-module.yaml +++ b/.github/workflows/tag-public-module.yaml @@ -24,7 +24,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: release/checkout-mattermost - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 diff --git a/.github/workflows/webapp-ci-template.yml b/.github/workflows/webapp-ci-template.yml index 560b9875eb..1a70072f5e 100644 --- a/.github/workflows/webapp-ci-template.yml +++ b/.github/workflows/webapp-ci-template.yml @@ -13,7 +13,7 @@ jobs: working-directory: webapp steps: - name: ci/checkout-repo - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: ci/setup uses: ./.github/actions/webapp-setup - name: ci/lint @@ -27,7 +27,7 @@ jobs: working-directory: webapp steps: - name: ci/checkout-repo - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: ci/setup uses: ./.github/actions/webapp-setup - name: ci/lint @@ -50,7 +50,7 @@ jobs: working-directory: webapp steps: - name: ci/checkout-repo - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: ci/setup uses: ./.github/actions/webapp-setup - name: ci/lint @@ -67,7 +67,7 @@ jobs: working-directory: webapp steps: - name: ci/checkout-repo - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: ci/setup uses: ./.github/actions/webapp-setup - name: ci/test @@ -83,7 +83,7 @@ jobs: working-directory: webapp steps: - name: ci/checkout-repo - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: ci/setup uses: ./.github/actions/webapp-setup - name: ci/build