From 7ef01ec7b1a69a0b7b57abd0f5d72c1c1e01dc69 Mon Sep 17 00:00:00 2001 From: Aliaksandr Nikitsin Date: Tue, 16 Jun 2026 12:48:07 +0200 Subject: [PATCH 1/6] update actions/ checkout to v6.0.3 --- .github/workflows/package.yml | 8 ++++---- .github/workflows/scorecard.yml | 2 +- .github/workflows/testing.yml | 14 +++++++------- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml index 9ede3a352..0727b8499 100644 --- a/.github/workflows/package.yml +++ b/.github/workflows/package.yml @@ -20,12 +20,12 @@ jobs: timeout-minutes: 10 steps: - name: Checkout source - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Package Testrun shell: bash {0} run: cmd/package - name: Archive package - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: testrun_package path: testrun*.deb @@ -38,7 +38,7 @@ jobs: timeout-minutes: 15 steps: - name: Checkout source - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Download package uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: @@ -72,7 +72,7 @@ jobs: timeout-minutes: 15 steps: - name: Checkout source - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Download package uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index f0f89a631..84c07836d 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -28,7 +28,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml index b7b6a01a9..d1c378acd 100644 --- a/.github/workflows/testing.yml +++ b/.github/workflows/testing.yml @@ -14,7 +14,7 @@ jobs: timeout-minutes: 60 steps: - name: Checkout source - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Install dependencies shell: bash {0} run: cmd/prepare @@ -33,7 +33,7 @@ jobs: timeout-minutes: 20 steps: - name: Checkout source - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Install dependencies shell: bash {0} run: cmd/prepare @@ -52,7 +52,7 @@ jobs: timeout-minutes: 60 steps: - name: Checkout source - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Install dependencies shell: bash {0} run: cmd/prepare @@ -81,7 +81,7 @@ jobs: timeout-minutes: 15 steps: - name: Checkout source - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Install dependencies shell: bash {0} run: cmd/prepare @@ -127,7 +127,7 @@ jobs: timeout-minutes: 5 steps: - name: Checkout source - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Run pylint shell: bash {0} run: testing/pylint/test_pylint @@ -137,7 +137,7 @@ jobs: name: UI runs-on: ubuntu-latest steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Install Node uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 # v4.0.1 @@ -171,7 +171,7 @@ jobs: name: ESLint runs-on: ubuntu-latest steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Install Node uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 # v4.0.1 From 93139be52f64bac67cbd8e5a1a2b4ff7d6bcd84a Mon Sep 17 00:00:00 2001 From: Aliaksandr Nikitsin Date: Tue, 16 Jun 2026 12:57:35 +0200 Subject: [PATCH 2/6] update upload-artifact action to v7.0.1 --- .github/workflows/scorecard.yml | 2 +- .github/workflows/testing.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 84c07836d..01c42f5e5 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -55,7 +55,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@97a0fba1372883ab732affbe8f94b823f91727db # v3.pre.node20 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: SARIF file path: results.sarif diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml index d1c378acd..dd327f1b5 100644 --- a/.github/workflows/testing.yml +++ b/.github/workflows/testing.yml @@ -67,7 +67,7 @@ jobs: if: ${{ always() }} run: sudo tar --exclude-vcs -czf runtime.tgz runtime/ local/ - name: Upload runtime results - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: ${{ always() }} with: if-no-files-found: error @@ -113,7 +113,7 @@ jobs: shell: bash {0} run: bash testing/unit/run_report_test.sh testing/unit/report/report_test.py - name: Upload reports - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 if: ${{ always() }} with: if-no-files-found: error From 93791248d7d18c6886e4475f81ff418415f5732a Mon Sep 17 00:00:00 2001 From: Aliaksandr Nikitsin Date: Tue, 16 Jun 2026 13:50:33 +0200 Subject: [PATCH 3/6] update upload artifact github actions to v8.0.1 --- .github/workflows/package.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml index 0727b8499..e8223de30 100644 --- a/.github/workflows/package.yml +++ b/.github/workflows/package.yml @@ -40,7 +40,7 @@ jobs: - name: Checkout source uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Download package - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: testrun_package - name: Install dependencies @@ -74,7 +74,7 @@ jobs: - name: Checkout source uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Download package - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: testrun_package - name: Install dependencies From 7dea5f9e4376aa3de2bface623ecdf91feccb381 Mon Sep 17 00:00:00 2001 From: Aliaksandr Nikitsin Date: Tue, 16 Jun 2026 14:00:12 +0200 Subject: [PATCH 4/6] update scorecard version to 2.4.3 --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 01c42f5e5..959d29e57 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1 + uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3 with: results_file: results.sarif results_format: sarif From cd33dc89f2548c05e159a84dd32df1c89b4ae761 Mon Sep 17 00:00:00 2001 From: Aliaksandr Nikitsin Date: Tue, 16 Jun 2026 14:17:08 +0200 Subject: [PATCH 5/6] codeql upload update to 4.36.2 --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 959d29e57..6aa2a0b64 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -64,6 +64,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@1b1aada464948af03b950897e5eb522f92603cc2 # v3.24.9 + uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 with: sarif_file: results.sarif \ No newline at end of file From b3f7703477dc9158312f8cfdda8b8652d6dc167c Mon Sep 17 00:00:00 2001 From: Aliaksandr Nikitsin Date: Tue, 16 Jun 2026 14:24:14 +0200 Subject: [PATCH 6/6] setup-node actions update to v6.4.0 --- .github/workflows/testing.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml index dd327f1b5..2a964013c 100644 --- a/.github/workflows/testing.yml +++ b/.github/workflows/testing.yml @@ -140,9 +140,9 @@ jobs: - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Install Node - uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 # v4.0.1 + uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: - node-version: '20' + node-version: '24' cache: 'npm' cache-dependency-path: './modules/ui/package-lock.json' @@ -174,9 +174,9 @@ jobs: - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Install Node - uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 # v4.0.1 + uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: - node-version: '20' + node-version: '24' cache: 'npm' cache-dependency-path: './modules/ui/package-lock.json'