diff --git a/.github/actions/bundle-cache/action.yml b/.github/actions/bundle-cache/action.yml index 654f13b20de..12ec3d60c13 100644 --- a/.github/actions/bundle-cache/action.yml +++ b/.github/actions/bundle-cache/action.yml @@ -29,12 +29,12 @@ runs: bundle lock echo "lockfile=$LOCKFILE" >> "$GITHUB_OUTPUT" - name: Upload lockfile - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: ${{ steps.lockfile.outputs.lockfile }} path: "*.lock" - name: Restore cache - uses: actions/cache/restore@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 + uses: actions/cache/restore@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: restore-cache with: key: bundle-${{ runner.os }}-${{ runner.arch }}-${{ steps.ruby-alias.outputs.ruby-alias }}-${{ hashFiles('*.lock') }} @@ -44,7 +44,7 @@ runs: run: bundle install - if: steps.restore-cache.outputs.cache-hit != 'true' name: Save cache - uses: actions/cache/save@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 + uses: actions/cache/save@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: key: "${{ steps.restore-cache.outputs.cache-primary-key }}" path: "/usr/local/bundle" diff --git a/.github/actions/bundle-restore/action.yml b/.github/actions/bundle-restore/action.yml index 4c45659e168..97731ba219d 100644 --- a/.github/actions/bundle-restore/action.yml +++ b/.github/actions/bundle-restore/action.yml @@ -15,12 +15,12 @@ runs: using: composite steps: - name: Download lockfile - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: name: ${{ inputs.lockfile }} - name: Restore cache - uses: actions/cache/restore@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 + uses: actions/cache/restore@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: restore-cache with: key: "${{ inputs.cache-key }}" diff --git a/.github/workflows/build-gem.yml b/.github/workflows/build-gem.yml index 0b8113031cf..6832d4140a8 100644 --- a/.github/workflows/build-gem.yml +++ b/.github/workflows/build-gem.yml @@ -36,7 +36,7 @@ jobs: uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - - uses: ruby/setup-ruby@0481980f17b760ef6bca5e8c55809102a0af1e5a # v1.263.0 + - uses: ruby/setup-ruby@d5126b9b3579e429dd52e51e68624dda2e05be25 # v1.267.0 with: ruby-version: '3.2' bundler-cache: true # runs 'bundle install' and caches installed gems automatically @@ -63,7 +63,7 @@ jobs: run: | find pkg - name: Upload artifact - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: 'datadog-gem-${{ matrix.type }}-gha${{ github.run_id }}-g${{ github.sha }}' path: 'pkg/*.gem' @@ -80,14 +80,14 @@ jobs: - build steps: - name: Download artifact - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: name: 'datadog-gem-${{ matrix.type }}-gha${{ github.run_id }}-g${{ github.sha }}' path: 'pkg' - name: List gem run: | find pkg - - uses: ruby/setup-ruby@0481980f17b760ef6bca5e8c55809102a0af1e5a # v1.263.0 + - uses: ruby/setup-ruby@d5126b9b3579e429dd52e51e68624dda2e05be25 # v1.267.0 with: ruby-version: '3.2' - name: Install gem @@ -106,7 +106,7 @@ jobs: if: ${{ inputs.push }} steps: - name: Download artifact - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: name: 'datadog-gem-${{ matrix.type }}-gha${{ github.run_id }}-g${{ github.sha }}' path: 'pkg' diff --git a/.github/workflows/bump-gem-version.yml b/.github/workflows/bump-gem-version.yml index 464adcd5702..3b8eb55b50d 100644 --- a/.github/workflows/bump-gem-version.yml +++ b/.github/workflows/bump-gem-version.yml @@ -39,7 +39,7 @@ jobs: fetch-depth: 0 - name: Set up Ruby - uses: ruby/setup-ruby@0481980f17b760ef6bca5e8c55809102a0af1e5a # v1.263.0 + uses: ruby/setup-ruby@d5126b9b3579e429dd52e51e68624dda2e05be25 # v1.267.0 with: ruby-version: "3.3.7" diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index ad6dae85bb6..2bfa6a571d7 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -34,7 +34,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6 + uses: github/codeql-action/init@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -45,10 +45,10 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually - name: Autobuild - uses: github/codeql-action/autobuild@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6 + uses: github/codeql-action/autobuild@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6 + uses: github/codeql-action/analyze@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 complete: name: CodeQL (complete) diff --git a/.github/workflows/generate-supported-versions.yml b/.github/workflows/generate-supported-versions.yml index 9d5add8769f..3dae83d6d44 100644 --- a/.github/workflows/generate-supported-versions.yml +++ b/.github/workflows/generate-supported-versions.yml @@ -19,7 +19,7 @@ jobs: persist-credentials: false - name: Set up Ruby - uses: ruby/setup-ruby@0481980f17b760ef6bca5e8c55809102a0af1e5a # v1.263.0 + uses: ruby/setup-ruby@d5126b9b3579e429dd52e51e68624dda2e05be25 # v1.267.0 with: ruby-version: "3.3" diff --git a/.github/workflows/lock-dependency.yml b/.github/workflows/lock-dependency.yml index 7f6f9be4ca0..de44e18a5df 100644 --- a/.github/workflows/lock-dependency.yml +++ b/.github/workflows/lock-dependency.yml @@ -77,7 +77,7 @@ jobs: - run: bundle install - run: bundle exec rake dependency:generate - run: bundle exec rake dependency:lock - - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: lock-dependency-${{ github.run_id }}-${{ matrix.engine.name }}-${{ matrix.engine.version }} path: gemfiles/${{ matrix.engine.name }}_${{ matrix.engine.version }}* @@ -98,7 +98,7 @@ jobs: with: persist-credentials: true # required for `git` operations (commit & push) at later steps token: ${{ steps.generate-token.outputs.token }} - - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: path: gemfiles pattern: lock-dependency-${{ github.run_id }}-* diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index d77e5686c47..df2eca71a15 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -28,7 +28,7 @@ jobs: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - - uses: ruby/setup-ruby@0481980f17b760ef6bca5e8c55809102a0af1e5a # v1.263.0 + - uses: ruby/setup-ruby@d5126b9b3579e429dd52e51e68624dda2e05be25 # v1.267.0 with: ruby-version: "3.3.7" @@ -165,11 +165,11 @@ jobs: with: persist-credentials: false # `rubygems/release-gem` action handles credentials itself - name: Set up Ruby - uses: ruby/setup-ruby@0481980f17b760ef6bca5e8c55809102a0af1e5a # v1.263.0 + uses: ruby/setup-ruby@d5126b9b3579e429dd52e51e68624dda2e05be25 # v1.267.0 with: ruby-version: "3.3.7" - run: bundle install - - uses: rubygems/release-gem@a25424ba2ba8b387abc8ef40807c2c85b96cbe32 # v1.1.1 + - uses: rubygems/release-gem@1c162a739e8b4cb21a676e97b087e8268d8fc40b # v1.1.2 github-release: name: Attach gem to Github Release and publish @@ -209,7 +209,7 @@ jobs: persist-credentials: false fetch-depth: 0 - name: Set up Ruby - uses: ruby/setup-ruby@0481980f17b760ef6bca5e8c55809102a0af1e5a # v1.263.0 + uses: ruby/setup-ruby@d5126b9b3579e429dd52e51e68624dda2e05be25 # v1.267.0 with: ruby-version: "3.3.7" - run: bundle install diff --git a/.github/workflows/system-tests.yml b/.github/workflows/system-tests.yml index 5d435d88725..8af7655359d 100644 --- a/.github/workflows/system-tests.yml +++ b/.github/workflows/system-tests.yml @@ -65,7 +65,7 @@ jobs: persist-credentials: false path: packaged/dd-trace-rb - name: Upload artifact - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: dd-trace-rb # The name must match the folder name so it extracts to binaries/dd-trace-rb on download path: packaged diff --git a/.github/workflows/test-macos.yaml b/.github/workflows/test-macos.yaml index beab365f4c0..8e8d4ed92f4 100644 --- a/.github/workflows/test-macos.yaml +++ b/.github/workflows/test-macos.yaml @@ -44,7 +44,7 @@ jobs: # head rubies - if: ${{ matrix.ruby == 'head' }} run: sed -i~ -e '/spec\.required_ruby_version/d' datadog.gemspec - - uses: ruby/setup-ruby@0481980f17b760ef6bca5e8c55809102a0af1e5a # v1.263.0 + - uses: ruby/setup-ruby@d5126b9b3579e429dd52e51e68624dda2e05be25 # v1.267.0 with: ruby-version: ${{ matrix.ruby }} rubygems: 3.3.26 diff --git a/.github/workflows/test-memory-leaks.yaml b/.github/workflows/test-memory-leaks.yaml index d4e15809857..ad713021f26 100644 --- a/.github/workflows/test-memory-leaks.yaml +++ b/.github/workflows/test-memory-leaks.yaml @@ -18,7 +18,7 @@ jobs: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - - uses: ruby/setup-ruby@0481980f17b760ef6bca5e8c55809102a0af1e5a # v1.263.0 + - uses: ruby/setup-ruby@d5126b9b3579e429dd52e51e68624dda2e05be25 # v1.267.0 with: ruby-version: 3.4.1 bundler-cache: true # runs 'bundle install' and caches installed gems automatically diff --git a/.github/workflows/test-yjit.yaml b/.github/workflows/test-yjit.yaml index 3f94c4b751c..a0361174658 100644 --- a/.github/workflows/test-yjit.yaml +++ b/.github/workflows/test-yjit.yaml @@ -50,7 +50,7 @@ jobs: # head rubies - if: ${{ matrix.ruby == 'head' }} run: sed -i~ -e '/spec\.required_ruby_version/d' datadog.gemspec - - uses: ruby/setup-ruby@0481980f17b760ef6bca5e8c55809102a0af1e5a # v1.263.0 + - uses: ruby/setup-ruby@d5126b9b3579e429dd52e51e68624dda2e05be25 # v1.267.0 with: ruby-version: ${{ matrix.ruby }} bundler-cache: true # runs 'bundle install' and caches installed gems automatically diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index fd444b988d5..fb392617014 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -161,7 +161,7 @@ jobs: steps: - run: mkdir -p tmp/rspec && datadog-ci version - name: Download all junit reports - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: path: tmp/rspec pattern: junit-* @@ -219,7 +219,7 @@ jobs: steps: - run: mkdir -p tmp/coverage && datadog-ci version - name: Download all coverage data - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: path: tmp/coverage pattern: coverage-* diff --git a/.github/workflows/typing-stats.yml b/.github/workflows/typing-stats.yml index e6291e24be0..51476827417 100644 --- a/.github/workflows/typing-stats.yml +++ b/.github/workflows/typing-stats.yml @@ -17,7 +17,7 @@ jobs: steps: - name: Find existing comment id: comment - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 + uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 with: github-token: ${{secrets.GITHUB_TOKEN}} script: | @@ -34,12 +34,12 @@ jobs: return undefined === comment ? null : comment.id - name: Checkout current branch - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: Set up Ruby - uses: ruby/setup-ruby@a4effe49ee8ee5b8b5091268c473a4628afb5651 # v1.245.0 + uses: ruby/setup-ruby@d5126b9b3579e429dd52e51e68624dda2e05be25 # v1.267.0 with: ruby-version: "3.4" @@ -60,7 +60,7 @@ jobs: ruby ${{ runner.temp }}/typing_stats_compute.rb >> "${{ runner.temp }}/typing-stats-current.json" - name: Checkout base branch - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false ref: ${{ github.event.pull_request.base.ref }} @@ -79,7 +79,7 @@ jobs: run: ruby ${{ runner.temp }}/typing_stats_compare.rb >> "${{ runner.temp }}/typing-stats-compare.md" - name: Write comment - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 + uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 with: github-token: ${{secrets.GITHUB_TOKEN}} script: | diff --git a/.github/workflows/update-latest-dependency.yml b/.github/workflows/update-latest-dependency.yml index 242eea51347..fc4d77fa0eb 100644 --- a/.github/workflows/update-latest-dependency.yml +++ b/.github/workflows/update-latest-dependency.yml @@ -60,7 +60,7 @@ jobs: - name: Update latest run: bundle exec rake edge:gemspec edge:update - name: Upload artifact - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: 'gha${{ github.run_id }}-datadog-gem-${{ matrix.engine.name }}-${{ matrix.engine.version }}' path: gemfiles/${{ matrix.engine.name }}_${{ matrix.engine.version }}_* @@ -76,7 +76,7 @@ jobs: persist-credentials: false - name: Download artifacts for all runtimes - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: path: gemfiles pattern: gha${{ github.run_id }}-datadog-gem-*