diem · dependabot · May 7, 2024
diff --git a/.github/workflows/ci-post-land.yml b/.github/workflows/ci-post-land.yml
@@ -25,7 +25,7 @@ jobs:
       rust-changes: ${{ steps.rust-changes.outputs.changes-found }}
       base-image-changes: ${{ steps.base-image-changes.outputs.changes-found }}
     steps:
-      - uses: actions/checkout@v2.4.0
+      - uses: actions/checkout@v4.1.5
         with:
           # This ensures that the tip of the PR is checked out instead of the merge between the base ref and the tip
           # On `push` this value will be empty and will "do-the-right-thing"
@@ -61,7 +61,7 @@ jobs:
   #    name: Sccache
   #  if: ${{ needs.prepare.outputs.rust-changes == 'true' }}
   #  steps:
-  #    - uses: actions/checkout@v2.3.4
+  #    - uses: actions/checkout@v4.1.5
   #      with:
           # This ensures that the tip of the PR is checked out instead of the merge between the base ref and the tip
           # On `push` this value will be empty and will "do-the-right-thing"
@@ -93,7 +93,7 @@ jobs:
         - "${{github.workspace}}:/opt/git/diem"
     if: ${{ needs.prepare.outputs.rust-changes == 'true' }}
     steps:
-      - uses: actions/checkout@v2.4.0
+      - uses: actions/checkout@v4.1.5
         with:
           # This ensures that the tip of the PR is checked out instead of the merge between the base ref and the tip
           # On `push` this value will be empty and will "do-the-right-thing"
@@ -127,7 +127,7 @@ jobs:
       volumes:
         - "${{github.workspace}}:/opt/git/diem"
     steps:
-      - uses: actions/checkout@v2.4.0
+      - uses: actions/checkout@v4.1.5
         with:
           # This ensures that the tip of the PR is checked out instead of the merge between the base ref and the tip
           # On `push` this value will be empty and will "do-the-right-thing"
@@ -167,7 +167,7 @@ jobs:
       - name: docker prune
         run: |
           docker system prune -f
-      - uses: actions/checkout@v2.4.0
+      - uses: actions/checkout@v4.1.5
         with:
           # This ensures that the tip of the PR is checked out instead of the merge between the base ref and the tip
           # On `push` this value will be empty and will "do-the-right-thing"
@@ -193,7 +193,7 @@ jobs:
   #  # The pre-release suite run time varies 1~1.5 hr.
   #  timeout-minutes: 120
   #  steps:
-  #    - uses: actions/checkout@v2.4.0
+  #    - uses: actions/checkout@v4.1.5
   #      with:
   #        fetch-depth: 0 #get all the history!!!
   #    - name: set_env
@@ -274,7 +274,7 @@ jobs:
       - name: docker prune
         run: |
           docker system prune -f
-      - uses: actions/checkout@v2.4.0
+      - uses: actions/checkout@v4.1.5
         with:
           fetch-depth: 0 #get all the history!!!
       #- name: setup_aws_ecr_login
@@ -364,7 +364,7 @@ jobs:
         - "${{github.workspace}}:/opt/git/diem"
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v2.3.4
+        uses: actions/checkout@v4.1.5
       - uses: ./.github/actions/build-setup
       - uses: actions/cache@v2.1.6
         with:

diff --git a/.github/workflows/ci-test-complete.yml b/.github/workflows/ci-test-complete.yml
@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-latest
     if: ${{ github.event.workflow_run.conclusion != 'skipped' }}
     steps:
-      - uses: actions/checkout@v2.3.4
+      - uses: actions/checkout@v4.1.5
       - name: Download artifacts
         uses: diem/actions/get-artifacts@faadd16607b77dfa2231a8f366883e01717b3225
         with:

diff --git a/.github/workflows/ci-test.yml b/.github/workflows/ci-test.yml
@@ -36,7 +36,7 @@ jobs:
       test-docker-compose: ${{ steps.docker-compose-changes.outputs.changes-found }}
       test-test-coverage: ${{ steps.test-coverage.outputs.changes-found }}
     steps:
-      - uses: actions/checkout@v2.4.0
+      - uses: actions/checkout@v4.1.5
         with:
           # This ensures that the tip of the PR is checked out instead of the merge between the base ref and the tip
           # On `push` this value will be empty and will "do-the-right-thing"
@@ -168,7 +168,7 @@ jobs:
   #    matrix:
   #      target_os: [alpine, arch, github]
   #  steps:
-  #    - uses: actions/checkout@v2.4.0
+  #    - uses: actions/checkout@v4.1.5
   #      with:
   #        ref: ${{ github.event.pull_request.head.sha }}
   #    - name: build image with dev-setup.sh
@@ -199,7 +199,7 @@ jobs:
       - name: docker prune
         run: |
           docker system prune -f
-      - uses: actions/checkout@v2.4.0
+      - uses: actions/checkout@v4.1.5
         with:
           fetch-depth: 0 #get all the history!!!
       - id: changes
@@ -278,7 +278,7 @@ jobs:
       - name: docker prune
         run: |
           docker system prune -f
-      - uses: actions/checkout@v2.4.0
+      - uses: actions/checkout@v4.1.5
         with:
           ref: ${{ github.event.pull_request.head.sha }}
           fetch-depth: 0 #get all the history!!!
@@ -441,7 +441,7 @@ jobs:
       image: ghcr.io/diem/diem_build_environment:${{ needs.prepare.outputs.changes-target-branch }}
     steps:
       - run: git config --global --add safe.directory '*'
-      - uses: actions/checkout@v2.4.0
+      - uses: actions/checkout@v4.1.5
         with:
           ref: ${{ github.event.pull_request.head.sha }}
       - uses: ./.github/actions/build-setup
@@ -472,7 +472,7 @@ jobs:
         - "${{github.workspace}}:/opt/git/diem"
     steps:
       - run: git config --global --add safe.directory '*'
-      - uses: actions/checkout@v2.4.0
+      - uses: actions/checkout@v4.1.5
         with:
           ref: ${{ github.event.pull_request.head.sha }}
       - uses: ./.github/actions/build-setup
@@ -505,7 +505,7 @@ jobs:
         - "${{github.workspace}}:/opt/git/diem"
     steps:
       - run: git config --global --add safe.directory '*'
-      - uses: actions/checkout@v2.4.0
+      - uses: actions/checkout@v4.1.5
         with:
           ref: ${{ github.event.pull_request.head.sha }}
           fetch-depth: 0 #get all the history!!!
@@ -548,7 +548,7 @@ jobs:
         - "${{github.workspace}}:/opt/git/diem"
     steps:
       - run: git config --global --add safe.directory '*'
-      - uses: actions/checkout@v2.4.0
+      - uses: actions/checkout@v4.1.5
         with:
           ref: ${{ github.event.pull_request.head.sha }}
           fetch-depth: 0 #get all the history!!!
@@ -588,7 +588,7 @@ jobs:
       MESSAGE_PAYLOAD_FILE: /tmp/message
     steps:
       - run: git config --global --add safe.directory '*'
-      - uses: actions/checkout@v2.4.0
+      - uses: actions/checkout@v4.1.5
         with:
           ref: ${{ github.event.pull_request.head.sha }}
           fetch-depth: 0 #get all the history!!!
@@ -669,7 +669,7 @@ jobs:
   #      - "${{github.workspace}}:/opt/git/diem"
   #  steps:
   #    - run: git config --global --add safe.directory '*'
-  #    - uses: actions/checkout@v2.3.4
+  #    - uses: actions/checkout@v4.1.5
   #      with:
   #        ref: ${{ github.event.pull_request.head.sha }}
   #        fetch-depth: 0 #get all the history!!!
@@ -696,7 +696,7 @@ jobs:
       - name: remove docker volumes
         run: |
           docker volume prune --all -f || echo "no volumes to remove"
-      - uses: actions/checkout@v2.4.0
+      - uses: actions/checkout@v4.1.5
         with:
           ref: ${{ github.event.pull_request.head.sha }}
       - name: install expect
@@ -745,7 +745,7 @@ jobs:
         - "${{github.workspace}}:/opt/git/diem"
     steps:
       - run: git config --global --add safe.directory '*'
-      - uses: actions/checkout@v2.4.0
+      - uses: actions/checkout@v4.1.5
         with:
           ref: ${{ github.event.pull_request.head.sha }}
       - uses: ./.github/actions/build-setup
@@ -774,7 +774,7 @@ jobs:
   #     volumes:
   #       - "${{github.workspace}}:/opt/git/diem"
   #   steps:
-  #     - uses: actions/checkout@v2.4.0
+  #     - uses: actions/checkout@v4.1.5
   #       with:
   #         ref: ${{ github.event.pull_request.head.sha }}
   #     - uses: ./.github/actions/build-setup
@@ -804,7 +804,7 @@ jobs:
     if: ${{ always() && needs.prepare.outputs.test-helm == 'true' }}
     steps:
       - run: git config --global --add safe.directory '*'
-      - uses: actions/checkout@v2.4.0
+      - uses: actions/checkout@v4.1.5
         with:
           ref: ${{ github.event.pull_request.head.sha }}
       - name: Check machine details for minikube
@@ -884,7 +884,7 @@ jobs:
         - "${{github.workspace}}:/opt/git/diem"
     steps:
       - run: git config --global --add safe.directory '*'
-      - uses: actions/checkout@v2.3.4
+      - uses: actions/checkout@v4.1.5
       - uses: ./.github/actions/build-setup
       - name: test
         working-directory: api
@@ -902,7 +902,7 @@ jobs:
         - "${{github.workspace}}:/opt/git/diem"
     steps:
       - run: git config --global --add safe.directory '*'
-      - uses: actions/checkout@v2.4.0
+      - uses: actions/checkout@v4.1.5
         with:
           ref: ${{ github.event.pull_request.head.sha }}
       - uses: ./.github/actions/build-setup
@@ -931,7 +931,7 @@ jobs:
         - "${{github.workspace}}:/opt/git/diem"
     steps:
       - run: git config --global --add safe.directory '*'
-      - uses: actions/checkout@v2.4.0
+      - uses: actions/checkout@v4.1.5
         with:
           ref: ${{ github.event.pull_request.head.sha }}
       - uses: ./.github/actions/build-setup
@@ -963,7 +963,7 @@ jobs:
     steps:
       - run: git config --global --add safe.directory '*'
       # Checks-out the Diem website repository under $GITHUB_WORKSPACE, so job can access it
-      - uses: actions/checkout@v2.4.0
+      - uses: actions/checkout@v4.1.5
         with:
           ref: ${{ github.event.pull_request.head.sha }}
       - uses: actions/cache@v2.1.6
@@ -1010,7 +1010,7 @@ jobs:
   #  timeout-minutes: 65
   #  steps:
   #    - run: git config --global --add safe.directory '*'
-  #    - uses: actions/checkout@v2.4.0
+  #    - uses: actions/checkout@v4.1.5
   #      with:
   #        # This ensures that the tip of the PR is checked out instead of the merge between the base ref and the tip
   #        # On `push` this value will be empty and will "do-the-right-thing"
@@ -1135,7 +1135,7 @@ jobs:
   #  timeout-minutes: 65
   # steps:
   #    - run: git config --global --add safe.directory '*'
-  #    - uses: actions/checkout@v2.3.4
+  #    - uses: actions/checkout@v4.1.5
   #      with:
           # This ensures that the tip of the PR is checked out instead of the merge between the base ref and the tip
           # On `push` this value will be empty and will "do-the-right-thing"

diff --git a/.github/workflows/daily.yml b/.github/workflows/daily.yml
@@ -23,7 +23,7 @@ jobs:
     env:
       AUDIT_SUMMARY_FILE: /tmp/summary
     steps:
-      - uses: actions/checkout@v2.3.4
+      - uses: actions/checkout@v4.1.5
         with:
           ref: ${{ matrix.target-branch }}
       - uses: ./.github/actions/build-setup
@@ -68,7 +68,7 @@ jobs:
       CODECOV_OUTPUT: codecov
       MESSAGE_PAYLOAD_FILE: /tmp/message
     steps:
-      - uses: actions/checkout@v2.3.4
+      - uses: actions/checkout@v4.1.5
       - uses: ./.github/actions/build-setup
       - name: Configure AWS Credentials
         uses: aws-actions/configure-aws-credentials@v1
@@ -119,7 +119,7 @@ jobs:
       matrix:
         release-branch: [release-1.3, release-1.4]
     steps:
-      - uses: actions/checkout@v2.3.4
+      - uses: actions/checkout@v4.1.5
         with:
           ref: ${{ matrix.release-branch }}
       - uses: ./.github/actions/build-setup
@@ -150,7 +150,7 @@ jobs:
       matrix:
         target-branch: [latest]
     steps:
-      - uses: actions/checkout@v2.3.4
+      - uses: actions/checkout@v4.1.5
         with:
           ref: ${{ matrix.target-branch }}
       - uses: ./.github/actions/build-setup
@@ -179,7 +179,7 @@ jobs:
       name: Docker
       url: https://hub.docker.com/u/diem
     steps:
-      - uses: actions/checkout@v2.3.4
+      - uses: actions/checkout@v4.1.5
       - name: sign in to DockerHub; install image signing cert
         uses: ./.github/actions/dockerhub_login
         with:

diff --git a/.github/workflows/dep-summaries.yml b/.github/workflows/dep-summaries.yml
@@ -26,7 +26,7 @@ jobs:
       dep-auditors-list: ${{ steps.dep-auditors.outputs.list }}
     steps:
       - name: checkout
-        uses: actions/checkout@v2.3.4
+        uses: actions/checkout@v4.1.5
         if: ${{ startsWith(github.event_name, 'pull_request') }}
         with:
           ref: ${{ github.event.pull_request.head.sha }}
@@ -37,18 +37,18 @@ jobs:
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
       - name: checkout base ref
-        uses: actions/checkout@v2.3.4
+        uses: actions/checkout@v4.1.5
         if: ${{ startsWith(github.event_name, 'pull_request') }}
         with:
           ref: ${{ steps.fetch-base-ref.outputs.ref }}
           path: libra-base
       - name: checkout
-        uses: actions/checkout@v2.3.4
+        uses: actions/checkout@v4.1.5
         if: ${{ github.event_name == 'push' }}
         with:
           ref: ${{ github.event.after }}
       - name: checkout base ref
-        uses: actions/checkout@v2.3.4
+        uses: actions/checkout@v4.1.5
         if: ${{ github.event_name == 'push' }}
         with:
           ref: ${{ github.event.before }}

diff --git a/.github/workflows/dep-update-review.yml b/.github/workflows/dep-update-review.yml
@@ -18,11 +18,11 @@ jobs:
       MAX_ALLOWED_CHARS: 65536
     steps:
       - name: checkout
-        uses: actions/checkout@v2.3.4
+        uses: actions/checkout@v4.1.5
         with:
           ref: ${{ github.event.pull_request.head.sha }}
       - name: checkout base ref
-        uses: actions/checkout@v2.3.4
+        uses: actions/checkout@v4.1.5
         with:
           ref: ${{ github.event.pull_request.base.sha }}
           path: diem-base

diff --git a/.github/workflows/hyperjump-comment.yml b/.github/workflows/hyperjump-comment.yml
@@ -10,7 +10,7 @@ jobs:
     name: (hyperjump) comment
     steps:
       - name: checkout
-        uses: actions/checkout@v2.3.4
+        uses: actions/checkout@v4.1.5
       - name: comment
         uses: diem/actions/hyperjump-comment@a5fa31ff2b54a544cd88ac912cda469742592e6c
         with:

diff --git a/.github/workflows/hyperjump-labels.yml b/.github/workflows/hyperjump-labels.yml
@@ -10,7 +10,7 @@ jobs:
     name: (hyperjump) labels
     steps:
       - name: checkout
-        uses: actions/checkout@v2.3.4
+        uses: actions/checkout@v4.1.5
       - name: labels
         uses: diem/actions/hyperjump-labels@a5fa31ff2b54a544cd88ac912cda469742592e6c
         with:

diff --git a/.github/workflows/hyperjump-request-review.yml b/.github/workflows/hyperjump-request-review.yml
@@ -10,7 +10,7 @@ jobs:
     name: (hyperjump) request-review
     steps:
       - name: checkout
-        uses: actions/checkout@v2.3.4
+        uses: actions/checkout@v4.1.5
       - name: request review
         uses: diem/actions/hyperjump-request-review@a5fa31ff2b54a544cd88ac912cda469742592e6c
         with:

diff --git a/.github/workflows/jsonrpc-compat.yml b/.github/workflows/jsonrpc-compat.yml
@@ -11,7 +11,7 @@ jobs:
     name: Warn PR author about compatibility requirements
     steps:
       - name: checkout
-        uses: actions/checkout@v2.3.4
+        uses: actions/checkout@v4.1.5
         with:
           ref: ${{ github.event.pull_request.head.sha }}
       - name: comment