diff --git a/.github/actions/set-up-bazel/action.yaml b/.github/actions/set-up-bazel/action.yaml index acde37f61..8c0b8acf1 100644 --- a/.github/actions/set-up-bazel/action.yaml +++ b/.github/actions/set-up-bazel/action.yaml @@ -22,12 +22,10 @@ description: Installs Bazel and sets up multiple caches inputs: debug: description: 'Run with debugging options' - type: boolean required: false default: true bazel-version: description: 'Version of Bazel to use:' - type: string required: false default: '' diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 2e383f21f..4a9106311 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -62,7 +62,7 @@ jobs: timeout-minutes: 20 steps: - name: Check out a copy of the git repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: fetch-depth: 0 @@ -97,7 +97,7 @@ jobs: timeout-minutes: 15 steps: - name: Check out a copy of the git repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: fetch-depth: 0 @@ -118,7 +118,7 @@ jobs: timeout-minutes: 15 steps: - name: Check out a copy of the git repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: fetch-depth: 0 @@ -140,7 +140,7 @@ jobs: timeout-minutes: 15 steps: - name: Check out a copy of the git repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: fetch-depth: 0 @@ -164,7 +164,7 @@ jobs: timeout-minutes: 15 steps: - name: Check out a copy of the git repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: fetch-depth: 0 @@ -187,7 +187,7 @@ jobs: timeout-minutes: 15 steps: - name: Check out a copy of the git repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: fetch-depth: 0 @@ -225,7 +225,7 @@ jobs: - '3.13' steps: - name: Check out a copy of the git repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: submodules: recursive @@ -311,7 +311,7 @@ jobs: parallel_opt: [openmp, nopenmp] steps: - name: Check out a copy of the git repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: submodules: recursive @@ -366,7 +366,7 @@ jobs: tests:all steps: - name: Check out a copy of the git repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: submodules: recursive @@ -418,7 +418,7 @@ jobs: BUILDKIT_PROGRESS: ${{inputs.debug && 'plain'}} steps: - name: Check out a copy of the git repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: submodules: recursive diff --git a/.github/workflows/cirq_compatibility.yml b/.github/workflows/cirq_compatibility.yml index 79bdf56ed..271e953a4 100644 --- a/.github/workflows/cirq_compatibility.yml +++ b/.github/workflows/cirq_compatibility.yml @@ -40,7 +40,7 @@ jobs: timeout-minutes: 30 steps: - name: Check out a copy of the git repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: fetch-depth: 1 submodules: recursive diff --git a/.github/workflows/osv-scanner.yaml b/.github/workflows/osv-scanner.yaml index 28df09ed3..b5e83a46c 100644 --- a/.github/workflows/osv-scanner.yaml +++ b/.github/workflows/osv-scanner.yaml @@ -62,7 +62,7 @@ jobs: SHELLOPTS: ${{inputs.debug && 'xtrace' || '' }} steps: - name: Check out a copy of the git repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: fetch-depth: 0 @@ -73,7 +73,7 @@ jobs: - name: Run OSV scanner on existing code # yamllint disable rule:line-length - uses: google/osv-scanner-action/osv-scanner-action@9bb69575e74019c2ad085a1860787043adf47ccb # v2.2.4 + uses: google/osv-scanner-action/osv-scanner-action@b77c075a1235514558f0eb88dbd31e22c45e0cd2 # v2.3.0 continue-on-error: true with: scan-args: |- @@ -91,7 +91,7 @@ jobs: - name: Run OSV scanner on new code # yamllint disable rule:line-length - uses: google/osv-scanner-action/osv-scanner-action@9bb69575e74019c2ad085a1860787043adf47ccb # v2.2.4 + uses: google/osv-scanner-action/osv-scanner-action@b77c075a1235514558f0eb88dbd31e22c45e0cd2 # v2.3.0 continue-on-error: true with: scan-args: |- @@ -103,7 +103,7 @@ jobs: - name: Run the OSV scanner reporter for the job summary page # yamllint disable rule:line-length - uses: google/osv-scanner-action/osv-reporter-action@9bb69575e74019c2ad085a1860787043adf47ccb # v2.2.4 + uses: google/osv-scanner-action/osv-reporter-action@b77c075a1235514558f0eb88dbd31e22c45e0cd2 # v2.3.0 with: scan-args: |- --output=markdown:output.md @@ -116,7 +116,7 @@ jobs: - name: Run the OSV scanner reporter for the code-scanning dashboard # yamllint disable rule:line-length - uses: google/osv-scanner-action/osv-reporter-action@9bb69575e74019c2ad085a1860787043adf47ccb # v2.2.4 + uses: google/osv-scanner-action/osv-reporter-action@b77c075a1235514558f0eb88dbd31e22c45e0cd2 # v2.3.0 with: scan-args: |- --output=osv-results.sarif @@ -128,7 +128,7 @@ jobs: - name: Upload results to the repository's code-scanning results dashboard id: upload_artifact # yamllint disable rule:line-length - uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v3.29.5 + uses: github/codeql-action/upload-sarif@ba454b8ab46733eb6145342877cd148270bb77ab # codeql-bundle-v2.23.5 with: sarif_file: osv-results.sarif diff --git a/.github/workflows/pr-labeler.yaml b/.github/workflows/pr-labeler.yaml index 2d2874d5d..f24cb42a6 100644 --- a/.github/workflows/pr-labeler.yaml +++ b/.github/workflows/pr-labeler.yaml @@ -61,7 +61,7 @@ jobs: SHELLOPTS: ${{inputs.debug && 'xtrace' || '' }} steps: - name: Check out a copy of the git repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: sparse-checkout: | ./dev_tools/ci/size-labeler.sh diff --git a/.github/workflows/scorecard-scanner.yaml b/.github/workflows/scorecard-scanner.yaml index 40ce8b7f0..01f640c5d 100644 --- a/.github/workflows/scorecard-scanner.yaml +++ b/.github/workflows/scorecard-scanner.yaml @@ -57,7 +57,7 @@ jobs: timeout-minutes: 15 steps: - name: Check out a copy of the git repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: persist-credentials: false @@ -73,11 +73,11 @@ jobs: - name: Upload results to code-scanning dashboard # yamllint disable rule:line-length - uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v3.29.5 + uses: github/codeql-action/upload-sarif@ba454b8ab46733eb6145342877cd148270bb77ab # codeql-bundle-v2.23.5 with: sarif_file: scorecard-results.sarif - - if: github.event.inputs.debug == true + - if: github.event.inputs.debug == true || runner.debug == true name: Upload results as artifacts to the workflow Summary page # yamllint disable rule:line-length uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 @@ -91,7 +91,7 @@ jobs: write-summary: name: Scorecard results needs: run-scorecard - runs-on: ubuntu-24.04 + runs-on: ubuntu-slim timeout-minutes: 5 steps: - name: Write the Scorecard report page link to the workflow summary