From d4f41845b31100473fe3f6401876df0acec982ee Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 24 Nov 2025 11:54:14 +0000 Subject: [PATCH 1/2] Bump actions/checkout from 5 to 6 Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/Auto-Release.yml | 2 +- .github/workflows/Linter.yml | 2 +- .github/workflows/TestWorkflow.yml | 26 +++++++++++++------------- 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/Auto-Release.yml b/.github/workflows/Auto-Release.yml index a0435d7..dad9961 100644 --- a/.github/workflows/Auto-Release.yml +++ b/.github/workflows/Auto-Release.yml @@ -26,7 +26,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Code - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Auto-Release uses: PSModule/Auto-Release@v1 diff --git a/.github/workflows/Linter.yml b/.github/workflows/Linter.yml index 94f34b0..1962629 100644 --- a/.github/workflows/Linter.yml +++ b/.github/workflows/Linter.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repo - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: fetch-depth: 0 diff --git a/.github/workflows/TestWorkflow.yml b/.github/workflows/TestWorkflow.yml index fc19988..263b6f9 100644 --- a/.github/workflows/TestWorkflow.yml +++ b/.github/workflows/TestWorkflow.yml @@ -53,7 +53,7 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Action-Test uses: ./ @@ -76,7 +76,7 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v5 + uses: actions/checkout@v6 # # Not a supported way of running the action # # This syntax is specifically for using a function in a specific module @@ -144,7 +144,7 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Action-Test uses: ./ @@ -324,7 +324,7 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Action-Test uses: ./ @@ -386,7 +386,7 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Action-Test uses: ./ @@ -404,7 +404,7 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Action-Test uses: ./ @@ -430,7 +430,7 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Action-Test uses: ./ @@ -456,7 +456,7 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Action-Test uses: ./ @@ -482,7 +482,7 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Action-Test uses: ./ @@ -517,7 +517,7 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Action-Test uses: ./ @@ -553,7 +553,7 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v5 + uses: actions/checkout@v6 # Login to Azure to enable KeyVault access - name: Login to Azure @@ -602,7 +602,7 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v5 + uses: actions/checkout@v6 # Login to Azure to enable KeyVault access - name: Login to Azure @@ -650,7 +650,7 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Action-Test with PreserveCredentials false uses: ./ From 7b9d6048737e3f600b5fa1776ecefcb5125bc279 Mon Sep 17 00:00:00 2001 From: Copilot <198982749+Copilot@users.noreply.github.com> Date: Wed, 26 Nov 2025 15:17:29 +0100 Subject: [PATCH 2/2] Bump actions/checkout from 5 to 6 with SHA pinning (#68) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps actions/checkout from v5 to v6 and pins all actions to commit SHAs for security hardening. ## Changes - **SHA pinning with version comments** for all actions: - `actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6` - `PSModule/Auto-Release@eabd533035e2cb9822160f26f2eda584bd012356 # v1` - `super-linter/super-linter@2bdd90ed3262e023ac84bf8fe35dc480721fc1f2 # v8` - `azure/login@1384c340ab2dda50fed2bee3041d1d87018aa5e8 # v2` - **Added `persist-credentials: false`** to all checkout steps ```yaml - name: Checkout repo uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 with: persist-credentials: false ``` --- 💬 We'd love your input! Share your thoughts on Copilot coding agent in our [2 minute survey](https://gh.io/copilot-coding-agent-survey). --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: MariusStorhaug <17722253+MariusStorhaug@users.noreply.github.com> --- .github/workflows/Auto-Release.yml | 6 ++- .github/workflows/Linter.yml | 5 ++- .github/workflows/TestWorkflow.yml | 69 ++++++++++++++++++------------ 3 files changed, 48 insertions(+), 32 deletions(-) diff --git a/.github/workflows/Auto-Release.yml b/.github/workflows/Auto-Release.yml index dad9961..671e277 100644 --- a/.github/workflows/Auto-Release.yml +++ b/.github/workflows/Auto-Release.yml @@ -26,9 +26,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Code - uses: actions/checkout@v6 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + with: + persist-credentials: false - name: Auto-Release - uses: PSModule/Auto-Release@v1 + uses: PSModule/Auto-Release@eabd533035e2cb9822160f26f2eda584bd012356 # v1 env: GITHUB_TOKEN: ${{ github.token }} diff --git a/.github/workflows/Linter.yml b/.github/workflows/Linter.yml index 1962629..1f63358 100644 --- a/.github/workflows/Linter.yml +++ b/.github/workflows/Linter.yml @@ -19,12 +19,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repo - uses: actions/checkout@v6 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 with: + persist-credentials: false fetch-depth: 0 - name: Lint code base - uses: super-linter/super-linter@latest + uses: super-linter/super-linter@2bdd90ed3262e023ac84bf8fe35dc480721fc1f2 # v8 env: GITHUB_TOKEN: ${{ github.token }} VALIDATE_JSON_PRETTIER: false diff --git a/.github/workflows/TestWorkflow.yml b/.github/workflows/TestWorkflow.yml index 263b6f9..7d86ce2 100644 --- a/.github/workflows/TestWorkflow.yml +++ b/.github/workflows/TestWorkflow.yml @@ -53,8 +53,9 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v6 - + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + with: + persist-credentials: false - name: Action-Test uses: ./ with: @@ -76,8 +77,9 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v6 - + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + with: + persist-credentials: false # # Not a supported way of running the action # # This syntax is specifically for using a function in a specific module # # i.e.: moduleName\functionName @@ -144,8 +146,9 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v6 - + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + with: + persist-credentials: false - name: Action-Test uses: ./ id: test @@ -324,8 +327,9 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v6 - + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + with: + persist-credentials: false - name: Action-Test uses: ./ id: test @@ -386,8 +390,9 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v6 - + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + with: + persist-credentials: false - name: Action-Test uses: ./ with: @@ -404,8 +409,9 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v6 - + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + with: + persist-credentials: false - name: Action-Test uses: ./ with: @@ -430,8 +436,9 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v6 - + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + with: + persist-credentials: false - name: Action-Test uses: ./ with: @@ -456,8 +463,9 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v6 - + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + with: + persist-credentials: false - name: Action-Test uses: ./ with: @@ -482,8 +490,9 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v6 - + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + with: + persist-credentials: false - name: Action-Test uses: ./ with: @@ -517,8 +526,9 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v6 - + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + with: + persist-credentials: false - name: Action-Test uses: ./ with: @@ -553,11 +563,12 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v6 - + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + with: + persist-credentials: false # Login to Azure to enable KeyVault access - name: Login to Azure - uses: azure/login@v2 + uses: azure/login@1384c340ab2dda50fed2bee3041d1d87018aa5e8 # v2 with: client-id: ${{ vars.AZURE_CLIENT_ID }} tenant-id: ${{ vars.AZURE_TENANT_ID }} @@ -602,11 +613,12 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v6 - + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + with: + persist-credentials: false # Login to Azure to enable KeyVault access - name: Login to Azure - uses: azure/login@v2 + uses: azure/login@1384c340ab2dda50fed2bee3041d1d87018aa5e8 # v2 with: client-id: ${{ vars.AZURE_CLIENT_ID }} tenant-id: ${{ vars.AZURE_TENANT_ID }} @@ -650,8 +662,9 @@ jobs: steps: # Need to check out as part of the test, as its a local action - name: Checkout repo - uses: actions/checkout@v6 - + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 + with: + persist-credentials: false - name: Action-Test with PreserveCredentials false uses: ./ with: