diff --git a/.github/workflows/qa-deprecated-c-cpp.yml b/.github/workflows/qa-deprecated-c-cpp.yml index d787e30..356c063 100644 --- a/.github/workflows/qa-deprecated-c-cpp.yml +++ b/.github/workflows/qa-deprecated-c-cpp.yml @@ -31,7 +31,7 @@ jobs: exit 1 fi - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis diff --git a/.github/workflows/qa-install-build-wrapper.yml b/.github/workflows/qa-install-build-wrapper.yml index 35e0eff..d177888 100644 --- a/.github/workflows/qa-install-build-wrapper.yml +++ b/.github/workflows/qa-install-build-wrapper.yml @@ -31,7 +31,7 @@ jobs: exit 1 fi - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis diff --git a/.github/workflows/qa-main.yml b/.github/workflows/qa-main.yml index 4a78ea9..3d7098b 100644 --- a/.github/workflows/qa-main.yml +++ b/.github/workflows/qa-main.yml @@ -16,7 +16,7 @@ jobs: os: [ ubuntu-latest-large, macos-latest ] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action without args @@ -35,7 +35,7 @@ jobs: os: [ ubuntu-latest-large, windows-latest-large, macos-latest ] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action with args @@ -57,7 +57,7 @@ jobs: os: [ ubuntu-latest-large, windows-latest-large, macos-latest ] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action with args @@ -82,7 +82,7 @@ jobs: os: [ ubuntu-latest-large, windows-latest-large, macos-latest ] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.GITHUB_TOKEN }} - run: mkdir -p ./baseDir @@ -102,7 +102,7 @@ jobs: 'scannerVersion' input runs-on: ubuntu-latest-large # assumes default RUNNER_ARCH for linux is X64 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action with scannerVersion @@ -122,7 +122,7 @@ jobs: 'scannerBinariesUrl' input with invalid URL runs-on: ubuntu-latest-large # assumes default RUNNER_ARCH for linux is X64 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action with scannerBinariesUrl @@ -150,7 +150,7 @@ jobs: 'scannerBinariesUrl' is escaped with wget so special chars are not injected in the download command runs-on: ubuntu-latest-large steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action with scannerBinariesUrl @@ -171,7 +171,7 @@ jobs: 'scannerBinariesUrl' is escaped with curl so special chars are not injected in the download command runs-on: ubuntu-latest-large steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Remove wget @@ -200,7 +200,7 @@ jobs: Don't fail on Gradle project runs-on: ubuntu-latest-large steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action on Gradle project @@ -221,7 +221,7 @@ jobs: Don't fail on Kotlin Gradle project runs-on: ubuntu-latest-large steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action on Kotlin Gradle project @@ -242,7 +242,7 @@ jobs: Don't fail on Maven project runs-on: ubuntu-latest-large steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action on Maven project @@ -275,7 +275,7 @@ jobs: --health-timeout 5s --health-retries 10 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action on sample project @@ -297,7 +297,7 @@ jobs: os: [ ubuntu-latest-large, windows-latest-large, macos-latest ] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action with debug mode @@ -328,7 +328,7 @@ jobs: --health-timeout 5s --health-retries 10 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.GITHUB_TOKEN }} - name: SonarQube Cache @@ -356,7 +356,7 @@ jobs: os: [ ubuntu-latest-large, windows-latest-large, macos-latest ] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action with SONARCLOUD_URL @@ -374,7 +374,7 @@ jobs: name: Don't fail when missing wget but curl available runs-on: ubuntu-latest-large steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Remove wget @@ -400,7 +400,7 @@ jobs: name: Don't fail when missing curl but wget available runs-on: ubuntu-latest-large steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Remove curl @@ -427,7 +427,7 @@ jobs: name: Fail when both wget and curl are missing runs-on: ubuntu-latest-large steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Remove wget and curl @@ -460,7 +460,7 @@ jobs: curl performs redirect when scannerBinariesUrl returns 3xx runs-on: ubuntu-latest-large steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Remove wget @@ -495,7 +495,7 @@ jobs: os: [ ubuntu-latest-large, windows-latest-large, macos-latest ] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action with SSL certificate @@ -546,7 +546,7 @@ jobs: Analysis takes into account 'SONAR_ROOT_CERT' runs-on: ubuntu-latest-large steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Generate server certificate @@ -654,7 +654,7 @@ jobs: 'SCANNER_LOCAL_FOLDER' is cleaned with warning when present runs-on: ubuntu-latest-large steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Create a dummy SCANNER_LOCAL_FOLDER with dummy content in it @@ -688,7 +688,7 @@ jobs: truststore.p12 is updated when present runs-on: ubuntu-latest-large steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Create SONAR_SSL_FOLDER with a file in it (not-truststore.p12) @@ -817,7 +817,7 @@ jobs: 'scannerVersion' input validation runs-on: ubuntu-latest-large steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run action with invalid scannerVersion diff --git a/.github/workflows/qa-scripts.yml b/.github/workflows/qa-scripts.yml index 0ca894f..f612f46 100644 --- a/.github/workflows/qa-scripts.yml +++ b/.github/workflows/qa-scripts.yml @@ -12,7 +12,7 @@ jobs: name: create_install_path.sh runs-on: ubuntu-latest-large steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis @@ -123,7 +123,7 @@ jobs: SONAR_SCANNER_URL_MACOSX_AARCH64: 'https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-vX.Y.Z.MMMM-macosx-aarch64.zip' SONAR_SCANNER_SHA_MACOSX_AARCH64: 'DOWNLOAD-SHA-MACOSX-AARCH64' steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis @@ -252,7 +252,7 @@ jobs: name: download.sh runs-on: ubuntu-latest-large steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis @@ -321,7 +321,7 @@ jobs: name: fetch_latest_version.sh runs-on: ubuntu-latest-large steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - name: Test script diff --git a/.github/workflows/update-tags.yml b/.github/workflows/update-tags.yml index a673b7f..f274841 100644 --- a/.github/workflows/update-tags.yml +++ b/.github/workflows/update-tags.yml @@ -13,7 +13,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Parse semver uses: madhead/semver-utils@36d1e0ed361bd7b4b77665de8093092eaeabe6ba # v4.3.0 diff --git a/.github/workflows/version_update.yml b/.github/workflows/version_update.yml index 147bf08..9be42a6 100644 --- a/.github/workflows/version_update.yml +++ b/.github/workflows/version_update.yml @@ -13,7 +13,7 @@ jobs: new-version: ${{ steps.latest-version.outputs.sonar-scanner-version }} steps: - run: sudo apt install -y jq - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: ref: master fetch-depth: 0 @@ -49,7 +49,7 @@ jobs: pull-requests: write if: needs.check-version.outputs.should_update == 'true' steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: ref: master persist-credentials: true