diff --git a/.github/actions/setup/action.yml b/.github/actions/setup/action.yml index 0011ce443..a5a0e83e7 100644 --- a/.github/actions/setup/action.yml +++ b/.github/actions/setup/action.yml @@ -5,7 +5,7 @@ runs: steps: - uses: pnpm/action-setup@v4 with: - version: 9.7.0 + version: 9.12.3 - uses: actions/setup-node@v3 with: diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml deleted file mode 100644 index 3a4c48471..000000000 --- a/.github/workflows/audit.yml +++ /dev/null @@ -1,29 +0,0 @@ -name: 🔎 Audit - -on: - push: - branches: - - new-dawn - pull_request: - paths: - - 'pnpm-*.yaml' - - 'package.json' - - 'packages/**/package.json' - - 'wallets/**/package.json' - - 'examples/**/package.json' - - 'release/package.json' - - 'docs/package.json' - -jobs: - audit: - name: Audit dependencies - runs-on: ubuntu-latest - container: - image: synthetixio/docker-sec-tools:20.11-alpine - - steps: - - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # pin@v4.1.1 - - - name: Audit dependencies - run: audit-ci --critical --report-type full diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f97251297..fb41c89d1 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -16,15 +16,15 @@ jobs: steps: - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # pin@v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4.2.2 - name: Initialize CodeQL - uses: github/codeql-action/init@65c74964a9ed8c44ed9f19d4bbc5757a6a8e9ab9 # pin@v2.16.1 + uses: github/codeql-action/init@af56b044b5d41c317aef5d19920b3183cb4fbbec # pin@v2.19.2 with: queries: security-and-quality languages: javascript-typescript - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@65c74964a9ed8c44ed9f19d4bbc5757a6a8e9ab9 # pin@v2.16.1 + uses: github/codeql-action/analyze@af56b044b5d41c317aef5d19920b3183cb4fbbec # pin@v2.19.2 with: category: "/language:javascript-typescript" diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index fd6f84884..8f5e917e1 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -11,7 +11,7 @@ jobs: name: Check code style runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4.2.2 - name: Setup Node & Install dependencies uses: ./.github/actions/setup diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index e33886cf5..60b839f50 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -9,7 +9,7 @@ jobs: name: Validate title runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4.2.2 - name: Setup Node & Install dependencies uses: ./.github/actions/setup diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index c9b123047..570f97d8d 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -16,7 +16,7 @@ jobs: name: Run unit tests runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4.2.2 - name: Setup Node & Install dependencies uses: ./.github/actions/setup @@ -31,20 +31,20 @@ jobs: name: Run E2E tests (headful) runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4.2.2 - name: Setup Node & Install dependencies uses: ./.github/actions/setup - name: Install Foundry - uses: foundry-rs/foundry-toolchain@v1 + uses: foundry-rs/foundry-toolchain@8f1998e9878d786675189ef566a2e4bf24869773 # pin@v1.2.0 - name: Install Playwright dependencies - run: pnpm dlx playwright@1.44.0 install-deps + run: pnpm dlx playwright@1.48.2 install-deps # For now, we only need Chromium. - name: Install browsers for Playwright - run: pnpm dlx playwright@1.44.0 install chromium + run: pnpm dlx playwright@1.48.2 install chromium - name: Build project run: pnpm run build