diff --git a/.automation/test/action/.github/workflows/actionlint_bad_1.yml b/.automation/test/action/.github/workflows/actionlint_bad_1.yml index 3349a5b7e88..1ed9b868122 100644 --- a/.automation/test/action/.github/workflows/actionlint_bad_1.yml +++ b/.automation/test/action/.github/workflows/actionlint_bad_1.yml @@ -11,7 +11,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - run: echo "Checking commit '${{ github.event.head_commit.message }}'" - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/setup-node@v4 with: node_version: 16.x diff --git a/.automation/test/action/.github/workflows/actionlint_good_1.yaml b/.automation/test/action/.github/workflows/actionlint_good_1.yaml index 844a53f4a31..c791015a18b 100644 --- a/.automation/test/action/.github/workflows/actionlint_good_1.yaml +++ b/.automation/test/action/.github/workflows/actionlint_good_1.yaml @@ -17,7 +17,7 @@ jobs: env: COMMIT_MESSAGE: ${{ github.event.head_commit.message }} run: echo "Checking commit '$COMMIT_MESSAGE'" - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/setup-node@v4 with: node-version: 18.x diff --git a/CHANGELOG.md b/CHANGELOG.md index 73e09b037bb..7c6aaa435de 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -28,6 +28,7 @@ Note: Can be used with `oxsecurity/megalinter@beta` in your GitHub Action mega-l - Flavors - CI + - Bump actions/checkout from 3 to 4 - Linter versions upgrades - [checkov](https://www.checkov.io/) from 3.2.122 to **3.2.124** on 2024-06-02 diff --git a/README.md b/README.md index 98ca3a21c76..5075684ec8a 100644 --- a/README.md +++ b/README.md @@ -465,7 +465,7 @@ jobs: steps: # Git Checkout - name: Checkout Code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} fetch-depth: 0 # If you use VALIDATE_ALL_CODEBASE = true, you can remove this line to improve performances diff --git a/docs/descriptors/repository_gitleaks.md b/docs/descriptors/repository_gitleaks.md index b22015cdff9..d870a434466 100644 --- a/docs/descriptors/repository_gitleaks.md +++ b/docs/descriptors/repository_gitleaks.md @@ -24,7 +24,7 @@ To scan only PR commits, the [shallow fetch](https://git-scm.com/docs/git-fetch# #### GitHub Actions ```yml -- uses: actions/checkout@v3 +- uses: actions/checkout@v4 with: fetch-depth: 0 ``` diff --git a/docs/install-github.md b/docs/install-github.md index 9f1f0abe426..5fa5b8e579e 100644 --- a/docs/install-github.md +++ b/docs/install-github.md @@ -61,7 +61,7 @@ jobs: steps: # Git Checkout - name: Checkout Code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} fetch-depth: 0 # If you use VALIDATE_ALL_CODEBASE = true, you can remove this line to improve performances diff --git a/mega-linter-runner/lib/upgrade.js b/mega-linter-runner/lib/upgrade.js index 395a9157a93..bb23ef94807 100644 --- a/mega-linter-runner/lib/upgrade.js +++ b/mega-linter-runner/lib/upgrade.js @@ -231,6 +231,12 @@ jobs: test: "uses: actions/checkout@v2", testRes: "uses: actions/checkout@v3", }, + { + regex: /actions\/checkout@v3/gm, + replacement: "actions/checkout@v4", + test: "uses: actions/checkout@v3", + testRes: "uses: actions/checkout@v4", + }, // Documentation base URL { regex: /https:\/\/megalinter\.github\.io/gm, diff --git a/megalinter/descriptors/repository.megalinter-descriptor.yml b/megalinter/descriptors/repository.megalinter-descriptor.yml index 76e60d4f941..277a2ef263f 100644 --- a/megalinter/descriptors/repository.megalinter-descriptor.yml +++ b/megalinter/descriptors/repository.megalinter-descriptor.yml @@ -195,7 +195,7 @@ linters: #### GitHub Actions ```yml - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: fetch-depth: 0 ```