From ccf2e603901df8d5ca2adf342887dae62f33f076 Mon Sep 17 00:00:00 2001 From: Armin Schrenk Date: Wed, 15 Oct 2025 14:55:39 +0200 Subject: [PATCH] add version info in a comment --- .github/workflows/appimage.yml | 14 ++++++------- .github/workflows/aur.yml | 4 ++-- .github/workflows/av-whitelist.yml | 10 ++++----- .github/workflows/build.yml | 8 +++---- .github/workflows/check-jdk-updates.yml | 4 ++-- .github/workflows/debian.yml | 6 +++--- .github/workflows/dependency-check.yml | 2 +- .github/workflows/dl-stats.yml | 4 ++-- .github/workflows/error-db.yml | 6 +++--- .github/workflows/flathub.yml | 4 ++-- .github/workflows/get-version.yml | 6 +++--- .github/workflows/mac-dmg-x64.yml | 10 ++++----- .github/workflows/mac-dmg.yml | 10 ++++----- .github/workflows/no-response.yml | 2 +- .github/workflows/post-publish.yml | 4 ++-- .github/workflows/pullrequest.yml | 4 ++-- .github/workflows/release-check.yml | 6 +++--- .github/workflows/stale.yml | 2 +- .github/workflows/win-exe.yml | 28 ++++++++++++------------- .github/workflows/winget.yml | 2 +- 20 files changed, 68 insertions(+), 68 deletions(-) diff --git a/.github/workflows/appimage.yml b/.github/workflows/appimage.yml index 6bcb09ba2..143746c53 100644 --- a/.github/workflows/appimage.yml +++ b/.github/workflows/appimage.yml @@ -44,9 +44,9 @@ jobs: openjfx-url: 'https://download2.gluonhq.com/openjfx/25/openjfx-25_linux-aarch64_bin-jmods.zip' openjfx-sha: '951c52481af0ec5885b06f1ebaa8a10da7e8ea23c5e1ef3e2f6f11fa1b3a7ce1' steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Setup Java - uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 + uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0 with: distribution: ${{ env.JAVA_DIST }} java-version: ${{ env.JAVA_VERSION }} @@ -175,7 +175,7 @@ jobs: gpg --batch --quiet --passphrase-fd 0 --pinentry-mode loopback -u 615D449FE6E6A235 --detach-sign -a cryptomator-*.AppImage gpg --batch --quiet --passphrase-fd 0 --pinentry-mode loopback -u 615D449FE6E6A235 --detach-sign -a cryptomator-*.AppImage.zsync - name: Upload artifacts - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: appimage-${{ matrix.appimage-suffix }} path: | @@ -185,7 +185,7 @@ jobs: if-no-files-found: error - name: Publish AppImage on GitHub Releases if: startsWith(github.ref, 'refs/tags/') && github.event.action == 'published' - uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 + uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 # v2.4.1 with: fail_on_unmatched_files: true token: ${{ secrets.CRYPTOBOT_RELEASE_TOKEN }} @@ -201,7 +201,7 @@ jobs: if: github.event_name == 'release' && needs.get-version.outputs.versionType == 'stable' steps: - name: Download AppImages - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 + uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 with: path: downloads/ merge-multiple: true @@ -212,7 +212,7 @@ jobs: echo "x64-sha256sum=${X64_SHA256}" >> "$GITHUB_OUTPUT" AARCH64_SHA256=$(sha256sum downloads/cryptomator-*-aarch64.AppImage | cut -d ' ' -f1) echo "aarch64-sha256sum=${AARCH64_SHA256}" >> "$GITHUB_OUTPUT" - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: repository: 'cryptomator/aur-bin' token: ${{ secrets.CRYPTOBOT_PR_TOKEN }} @@ -247,7 +247,7 @@ jobs: env: GH_TOKEN: ${{ secrets.CRYPTOBOT_PR_TOKEN }} - name: Slack Notification - uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661 + uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661 # v2.3.3 env: SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }} SLACK_USERNAME: 'Cryptobot' diff --git a/.github/workflows/aur.yml b/.github/workflows/aur.yml index 4ed17afd5..b028273a4 100644 --- a/.github/workflows/aur.yml +++ b/.github/workflows/aur.yml @@ -48,7 +48,7 @@ jobs: env: AUR_PR_URL: tbd steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: repository: 'cryptomator/aur' token: ${{ secrets.CRYPTOBOT_PR_TOKEN }} @@ -81,8 +81,8 @@ jobs: env: GH_TOKEN: ${{ secrets.CRYPTOBOT_PR_TOKEN }} - name: Slack Notification - uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661 if: github.event_name == 'release' + uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661 # v2.3.3 env: SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }} SLACK_USERNAME: 'Cryptobot' diff --git a/.github/workflows/av-whitelist.yml b/.github/workflows/av-whitelist.yml index 9fac8729d..ca74a3281 100644 --- a/.github/workflows/av-whitelist.yml +++ b/.github/workflows/av-whitelist.yml @@ -41,7 +41,7 @@ jobs: - name: Download file run: curl --remote-name ${INPUT_URL} -L -o ${{steps.extractName.outputs.fileName}} - name: Upload artifact - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: ${{ steps.extractName.outputs.fileName }} path: ${{ steps.extractName.outputs.fileName }} @@ -53,12 +53,12 @@ jobs: if: github.event_name == 'workflow_call' || inputs.kaspersky steps: - name: Download artifact - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 + uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 with: name: ${{ needs.download-file.outputs.fileName }} path: upload - name: Upload to Kaspersky - uses: SamKirkland/FTP-Deploy-Action@a51268f67f6605236975928ae28b0f7e9971d50a + uses: SamKirkland/FTP-Deploy-Action@a51268f67f6605236975928ae28b0f7e9971d50a # v4.6.3 with: protocol: ftps server: allowlist.kaspersky-labs.com @@ -73,12 +73,12 @@ jobs: if: github.event_name == 'workflow_call' || inputs.avast steps: - name: Download artifact - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 + uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 with: name: ${{ needs.download-file.outputs.fileName }} path: upload - name: Upload to Avast - uses: wlixcc/SFTP-Deploy-Action@a5ccb9c6211a94cc59404f0fdb2a9936a6dfee64 + uses: wlixcc/SFTP-Deploy-Action@a5ccb9c6211a94cc59404f0fdb2a9936a6dfee64 # v1.2.6 with: server: whitelisting.avast.com port: 22 diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 30336d8fa..b528cfb49 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -22,14 +22,14 @@ jobs: name: Compile and Test runs-on: ubuntu-latest steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - - uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0 with: distribution: ${{ env.JAVA_DIST }} java-version: ${{ env.JAVA_VERSION }} cache: 'maven' - name: Cache SonarCloud packages - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: path: ~/.sonar/cache key: ${{ runner.os }}-sonar @@ -49,7 +49,7 @@ jobs: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - name: Draft a release if: startsWith(github.ref, 'refs/tags/') - uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 + uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 # v2.4.1 with: draft: true discussion_category_name: releases diff --git a/.github/workflows/check-jdk-updates.yml b/.github/workflows/check-jdk-updates.yml index 0ada84896..432cf16b7 100644 --- a/.github/workflows/check-jdk-updates.yml +++ b/.github/workflows/check-jdk-updates.yml @@ -26,7 +26,7 @@ jobs: run: echo 'JDK_MAJOR_VERSION=${{ env.JDK_VERSION }}'.substring(0,20) >> "$env:GITHUB_ENV" shell: pwsh - name: Checkout latest JDK ${{ env.JDK_MAJOR_VERSION }} - uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 + uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0 with: java-version: ${{ env.JDK_MAJOR_VERSION}} distribution: ${{ env.JDK_VENDOR }} @@ -70,7 +70,7 @@ jobs: } - name: Notify if: steps.determine.outputs.UPDATE_AVAILABLE == 'true' - uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661 + uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661 # v2.3.3 env: SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }} SLACK_USERNAME: 'Cryptobot' diff --git a/.github/workflows/debian.yml b/.github/workflows/debian.yml index 8ec0d8561..715fde74d 100644 --- a/.github/workflows/debian.yml +++ b/.github/workflows/debian.yml @@ -44,7 +44,7 @@ jobs: env: INPUT_PPAVER: ${{ inputs.ppaver }} steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - id: deb-version name: Determine deb-version run: | @@ -59,7 +59,7 @@ jobs: sudo apt-get update sudo apt-get install debhelper devscripts dput coffeelibs-jdk-${{ env.COFFEELIBS_JDK }}=${{ env.COFFEELIBS_JDK_VERSION }} - name: Setup Java - uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 + uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0 with: distribution: ${{ env.JAVA_DIST }} java-version: ${{ env.JAVA_VERSION }} @@ -142,7 +142,7 @@ jobs: run: | gpg --batch --quiet --passphrase-fd 0 --pinentry-mode loopback -u 615D449FE6E6A235 --detach-sign -a cryptomator_*_amd64.deb - name: Upload artifacts - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: linux-deb-package path: | diff --git a/.github/workflows/dependency-check.yml b/.github/workflows/dependency-check.yml index 2636263d6..ddce37384 100644 --- a/.github/workflows/dependency-check.yml +++ b/.github/workflows/dependency-check.yml @@ -7,7 +7,7 @@ on: jobs: check-dependencies: - uses: skymatic/workflows/.github/workflows/run-dependency-check.yml@1074588008ae3326a2221ea451783280518f0366 + uses: skymatic/workflows/.github/workflows/run-dependency-check.yml@1074588008ae3326a2221ea451783280518f0366 # v3.0.1 with: runner-os: 'ubuntu-latest' java-distribution: 'temurin' diff --git a/.github/workflows/dl-stats.yml b/.github/workflows/dl-stats.yml index 258a02da5..401fa010a 100644 --- a/.github/workflows/dl-stats.yml +++ b/.github/workflows/dl-stats.yml @@ -10,7 +10,7 @@ jobs: steps: - name: Get download count of latest releases id: get-stats - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd + uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 with: script: | const query = `query($owner:String!, $name:String!) { @@ -53,7 +53,7 @@ jobs: INTERVAL: 900 JSON_DATA: ${{ steps.get-stats.outputs.result }} - name: Upload Results - uses: fjogeleit/http-request-action@1297c6fc63a79b147d1676540a3fd9d2e37817c5 + uses: fjogeleit/http-request-action@1297c6fc63a79b147d1676540a3fd9d2e37817c5 # v1.16.5 with: url: 'https://graphite-us-central1.grafana.net/metrics' method: 'POST' diff --git a/.github/workflows/error-db.yml b/.github/workflows/error-db.yml index d42242f0b..5c2ffebe8 100644 --- a/.github/workflows/error-db.yml +++ b/.github/workflows/error-db.yml @@ -14,7 +14,7 @@ jobs: - name: Query Discussion Data if: github.event_name == 'discussion_comment' || github.event_name == 'discussion' && github.event.action != 'deleted' id: query-data - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd + uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 with: script: | const query = `query ($owner: String!, $name: String!, $discussionNumber: Int!) { @@ -42,7 +42,7 @@ jobs: return await github.graphql(query, variables) - name: Get Gist id: get-gist - uses: andymckay/get-gist-action@cf3bc8164af24126f7e5979eb6d3dc0c12309bd1 + uses: andymckay/get-gist-action@cf3bc8164af24126f7e5979eb6d3dc0c12309bd1 # not_tagged with: gistURL: https://gist.github.com/cryptobot/accba9fb9555e7192271b85606f97230 - name: Merge Error Code Data @@ -58,7 +58,7 @@ jobs: env: DISCUSSION: ${{ steps.query-data.outputs.result }} - name: Patch Gist - uses: exuanbo/actions-deploy-gist@47697fceaeea2006a90594ee24eb9cd0a1121ef8 + uses: exuanbo/actions-deploy-gist@47697fceaeea2006a90594ee24eb9cd0a1121ef8 # v1.1.4 with: token: ${{ secrets.CRYPTOBOT_GIST_TOKEN }} gist_id: accba9fb9555e7192271b85606f97230 diff --git a/.github/workflows/flathub.yml b/.github/workflows/flathub.yml index d409f72c3..d233a747b 100644 --- a/.github/workflows/flathub.yml +++ b/.github/workflows/flathub.yml @@ -43,7 +43,7 @@ jobs: env: FLATHUB_PR_URL: tbd steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: repository: 'flathub/org.cryptomator.Cryptomator' token: ${{ secrets.CRYPTOBOT_PR_TOKEN }} @@ -71,7 +71,7 @@ jobs: env: GH_TOKEN: ${{ secrets.CRYPTOBOT_PR_TOKEN }} - name: Slack Notification - uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661 + uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661 # v2.3.3 if: github.event_name == 'release' env: SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }} diff --git a/.github/workflows/get-version.yml b/.github/workflows/get-version.yml index 0b0582d63..5585d7ac5 100644 --- a/.github/workflows/get-version.yml +++ b/.github/workflows/get-version.yml @@ -35,11 +35,11 @@ jobs: revNum: ${{ steps.versions.outputs.revNum }} type: ${{ steps.versions.outputs.type}} steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 - name: Setup Java - uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 + uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0 with: distribution: ${{ env.JAVA_DIST }} java-version: ${{ env.JAVA_VERSION }} @@ -73,6 +73,6 @@ jobs: env: VERSION_STRING: ${{ inputs.version }} - name: Validate Version - uses: skymatic/semver-validation-action@7a6ae1c9e121540d11c9c7e4e667c83d583aa153 + uses: skymatic/semver-validation-action@7a6ae1c9e121540d11c9c7e4e667c83d583aa153 # v3.0.0 with: version: ${{ steps.versions.outputs.semVerStr }} \ No newline at end of file diff --git a/.github/workflows/mac-dmg-x64.yml b/.github/workflows/mac-dmg-x64.yml index 2d3a6a7d4..59772c5eb 100644 --- a/.github/workflows/mac-dmg-x64.yml +++ b/.github/workflows/mac-dmg-x64.yml @@ -47,9 +47,9 @@ jobs: openjfx-url: 'https://download2.gluonhq.com/openjfx/25/openjfx-25_osx-x64_bin-jmods.zip' openjfx-sha: '0eba73fb28a24c845175d16fa2f8c081c936ce6de1be9b79eb6119fa32e53d52' steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Setup Java - uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 + uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0 with: distribution: ${{ env.JAVA_DIST }} java-version: ${{ env.JAVA_VERSION }} @@ -261,7 +261,7 @@ jobs: CODESIGN_IDENTITY: ${{ secrets.MACOS_CODESIGN_IDENTITY }} - name: Notarize .dmg if: startsWith(github.ref, 'refs/tags/') || inputs.notarize - uses: cocoalibs/xcode-notarization-action@5cf433d494b6fa26504b574c591f4dd120388846 + uses: cocoalibs/xcode-notarization-action@5cf433d494b6fa26504b574c591f4dd120388846 # v1.0.3 with: app-path: 'Cryptomator-*.dmg' apple-id: ${{ secrets.MACOS_NOTARIZATION_APPLE_ID }} @@ -282,7 +282,7 @@ jobs: run: security delete-keychain $RUNNER_TEMP/codesign.keychain-db continue-on-error: true - name: Upload artifacts - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: dmg-${{ matrix.output-suffix }} path: | @@ -291,7 +291,7 @@ jobs: if-no-files-found: error - name: Publish dmg on GitHub Releases if: startsWith(github.ref, 'refs/tags/') && github.event.action == 'published' - uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 + uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 # v2.4.1 with: fail_on_unmatched_files: true token: ${{ secrets.CRYPTOBOT_RELEASE_TOKEN }} diff --git a/.github/workflows/mac-dmg.yml b/.github/workflows/mac-dmg.yml index d7455c7f8..59dffc296 100644 --- a/.github/workflows/mac-dmg.yml +++ b/.github/workflows/mac-dmg.yml @@ -45,9 +45,9 @@ jobs: openjfx-url: 'https://download2.gluonhq.com/openjfx/25/openjfx-25_osx-aarch64_bin-jmods.zip' openjfx-sha: '13f8c0513c40c95881479fbcf0465a29a60217393fb0656f5e4eab78a9442fba' steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Setup Java - uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 + uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0 with: distribution: ${{ env.JAVA_DIST }} java-version: ${{ env.JAVA_VERSION }} @@ -260,7 +260,7 @@ jobs: CODESIGN_IDENTITY: ${{ secrets.MACOS_CODESIGN_IDENTITY }} - name: Notarize .dmg if: startsWith(github.ref, 'refs/tags/') || inputs.notarize - uses: cocoalibs/xcode-notarization-action@5cf433d494b6fa26504b574c591f4dd120388846 + uses: cocoalibs/xcode-notarization-action@5cf433d494b6fa26504b574c591f4dd120388846 # v1.0.3 with: app-path: 'Cryptomator-*.dmg' apple-id: ${{ secrets.MACOS_NOTARIZATION_APPLE_ID }} @@ -281,7 +281,7 @@ jobs: run: security delete-keychain $RUNNER_TEMP/codesign.keychain-db continue-on-error: true - name: Upload artifacts - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: dmg-${{ matrix.output-suffix }} path: | @@ -290,7 +290,7 @@ jobs: if-no-files-found: error - name: Publish dmg on GitHub Releases if: startsWith(github.ref, 'refs/tags/') && github.event.action == 'published' - uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 + uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 # v2.4.1 with: fail_on_unmatched_files: true token: ${{ secrets.CRYPTOBOT_RELEASE_TOKEN }} diff --git a/.github/workflows/no-response.yml b/.github/workflows/no-response.yml index d4f659e5e..9da0bfbc6 100644 --- a/.github/workflows/no-response.yml +++ b/.github/workflows/no-response.yml @@ -12,7 +12,7 @@ jobs: issues: write pull-requests: write steps: - - uses: actions/stale@5f858e3efba33a5ca4407a664cc011ad407f2008 + - uses: actions/stale@5f858e3efba33a5ca4407a664cc011ad407f2008 # v10.1.0 with: days-before-stale: 14 days-before-close: 0 diff --git a/.github/workflows/post-publish.yml b/.github/workflows/post-publish.yml index 40eee58fe..14b115f02 100644 --- a/.github/workflows/post-publish.yml +++ b/.github/workflows/post-publish.yml @@ -19,14 +19,14 @@ jobs: GPG_PRIVATE_KEY: ${{ secrets.RELEASES_GPG_PRIVATE_KEY }} GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }} - name: Publish asc on GitHub Releases - uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 + uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 # v2.4.1 with: fail_on_unmatched_files: true token: ${{ secrets.CRYPTOBOT_RELEASE_TOKEN }} files: | cryptomator-*.tar.gz.asc - name: Slack Notification - uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661 + uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661 # v2.3.3 env: SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }} SLACK_USERNAME: 'Cryptobot' diff --git a/.github/workflows/pullrequest.yml b/.github/workflows/pullrequest.yml index d90f33f4a..8bfddf2d4 100644 --- a/.github/workflows/pullrequest.yml +++ b/.github/workflows/pullrequest.yml @@ -16,8 +16,8 @@ jobs: name: Compile and Test runs-on: ubuntu-latest steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - - uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0 with: distribution: ${{ env.JAVA_DIST }} java-version: ${{ env.JAVA_VERSION }} diff --git a/.github/workflows/release-check.yml b/.github/workflows/release-check.yml index bacec536d..e1739326e 100644 --- a/.github/workflows/release-check.yml +++ b/.github/workflows/release-check.yml @@ -19,9 +19,9 @@ jobs: name: Validate commits pushed to release/hotfix branch to fulfill release requirements runs-on: ubuntu-latest steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Setup Java - uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 + uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0 with: distribution: ${{ env.JAVA_DIST }} java-version: ${{ env.JAVA_VERSION }} @@ -49,7 +49,7 @@ jobs: exit 1 fi - name: Cache NVD DB - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: path: ~/.m2/repository/org/owasp/dependency-check-data/ key: dependency-check-${{ github.run_id }} diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index a63ef1c8b..1a2dd28af 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -12,7 +12,7 @@ jobs: issues: write pull-requests: write steps: - - uses: actions/stale@5f858e3efba33a5ca4407a664cc011ad407f2008 + - uses: actions/stale@5f858e3efba33a5ca4407a664cc011ad407f2008 # v10.1.0 with: days-before-stale: 365 days-before-close: 90 diff --git a/.github/workflows/win-exe.yml b/.github/workflows/win-exe.yml index d427280cf..74862d233 100644 --- a/.github/workflows/win-exe.yml +++ b/.github/workflows/win-exe.yml @@ -55,9 +55,9 @@ jobs: java-version: '24.0.1+9' java-package: 'jdk' steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Setup Java - uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 + uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0 with: distribution: ${{ matrix.java-dist }} java-version: ${{ matrix.java-version }} @@ -194,7 +194,7 @@ jobs: Get-ChildItem -Recurse -Path "jpackage-jmod" -File wixhelper.dll | Select-Object -Last 1 | Copy-Item -Destination "appdir" - name: Sign DLLs with Actalis CodeSigner if: inputs.sign || github.event_name == 'release' - uses: skymatic/workflows/.github/actions/win-sign-action@450e322ff2214d0be0b079b63343c894f3ef735f + uses: skymatic/workflows/.github/actions/win-sign-action@450e322ff2214d0be0b079b63343c894f3ef735f # no specific version with: base-dir: 'appdir' file-extensions: 'dll,exe,ps1' @@ -253,7 +253,7 @@ jobs: JP_WIXHELPER_DIR: ${{ github.workspace }}\appdir - name: Sign msi with Actalis CodeSigner if: inputs.sign || github.event_name == 'release' - uses: skymatic/workflows/.github/actions/win-sign-action@450e322ff2214d0be0b079b63343c894f3ef735f + uses: skymatic/workflows/.github/actions/win-sign-action@450e322ff2214d0be0b079b63343c894f3ef735f # no specific version with: base-dir: 'installer' file-extensions: 'msi' @@ -271,7 +271,7 @@ jobs: GPG_PRIVATE_KEY: ${{ secrets.RELEASES_GPG_PRIVATE_KEY }} GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }} - name: Upload artifacts - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: msi-${{ matrix.arch }} path: | @@ -293,21 +293,21 @@ jobs: java-version: '24.0.1+9' java-package: 'jdk' steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Install wix and extensions run: | dotnet tool install --global wix --version 6.0.0 wix.exe extension add WixToolset.BootstrapperApplications.wixext/6.0.0 --global wix.exe extension add WixToolset.Util.wixext/6.0.0 --global - name: Download .msi - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 + uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 with: name: msi-${{ matrix.arch }} path: dist/win/bundle/resources - name: Strip version info from msi file name run: mv dist/win/bundle/resources/Cryptomator*.msi dist/win/bundle/resources/Cryptomator.msi - name: Setup Java - uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 + uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0 with: distribution: ${{ matrix.java-dist }} java-version: ${{ matrix.java-version }} @@ -359,7 +359,7 @@ jobs: wix burn detach installer/unsigned/Cryptomator-Installer.exe -engine tmp/engine.exe - name: Sign burn engine with Actalis CodeSigner if: inputs.sign || github.event_name == 'release' - uses: skymatic/workflows/.github/actions/win-sign-action@450e322ff2214d0be0b079b63343c894f3ef735f + uses: skymatic/workflows/.github/actions/win-sign-action@450e322ff2214d0be0b079b63343c894f3ef735f # no specific version with: base-dir: 'tmp' file-extensions: 'exe' @@ -372,7 +372,7 @@ jobs: wix burn reattach installer/unsigned/Cryptomator-Installer.exe -engine tmp/engine.exe -o installer/Cryptomator-Installer.exe - name: Sign installer with Actalis CodeSigner if: inputs.sign || github.event_name == 'release' - uses: skymatic/workflows/.github/actions/win-sign-action@450e322ff2214d0be0b079b63343c894f3ef735f + uses: skymatic/workflows/.github/actions/win-sign-action@450e322ff2214d0be0b079b63343c894f3ef735f # no specific version with: base-dir: 'installer' file-extensions: 'exe' @@ -390,7 +390,7 @@ jobs: GPG_PRIVATE_KEY: ${{ secrets.RELEASES_GPG_PRIVATE_KEY }} GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }} - name: Upload artifacts - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: exe-${{ matrix.executable-suffix }} path: | @@ -408,12 +408,12 @@ jobs: download-url-exe-x64: ${{ fromJSON(steps.publish.outputs.assets)[2].browser_download_url }} steps: - name: Download installers - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 + uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 with: merge-multiple: true - name: Publish installers on GitHub Releases id: publish - uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 + uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 # v2.4.1 with: fail_on_unmatched_files: true token: ${{ secrets.CRYPTOBOT_RELEASE_TOKEN }} @@ -444,7 +444,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Slack Notification - uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661 + uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661 # v2.3.3 env: SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }} SLACK_USERNAME: 'Cryptobot' diff --git a/.github/workflows/winget.yml b/.github/workflows/winget.yml index d9e7db86f..5ab150229 100644 --- a/.github/workflows/winget.yml +++ b/.github/workflows/winget.yml @@ -18,7 +18,7 @@ jobs: env: GH_TOKEN: ${{ secrets.CRYPTOBOT_PR_TOKEN }} - name: Submit package - uses: vedantmgoyal2009/winget-releaser@19e706d4c9121098010096f9c495a70a7518b30f + uses: vedantmgoyal2009/winget-releaser@19e706d4c9121098010096f9c495a70a7518b30f # no_specific_version with: identifier: Cryptomator.Cryptomator version: ${{ inputs.tag }}