diff --git a/.github/workflows/auto-assign-issue.yml b/.github/workflows/auto-assign-issue.yml index d87a571dc..d92fc968c 100644 --- a/.github/workflows/auto-assign-issue.yml +++ b/.github/workflows/auto-assign-issue.yml @@ -27,7 +27,7 @@ jobs: issues: write steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Assign the issue run: | diff --git a/.github/workflows/auto-gh-pr.yml b/.github/workflows/auto-gh-pr.yml index 0913655ca..d6ea7494d 100644 --- a/.github/workflows/auto-gh-pr.yml +++ b/.github/workflows/auto-gh-pr.yml @@ -29,7 +29,7 @@ jobs: if: github.event.pull_request.base.ref == 'main' && github.event.pull_request.merged == true steps: - name: Check out code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 diff --git a/.github/workflows/auto-invite.yml b/.github/workflows/auto-invite.yml index 9f5597e34..cfec1e04f 100644 --- a/.github/workflows/auto-invite.yml +++ b/.github/workflows/auto-invite.yml @@ -27,7 +27,7 @@ jobs: steps: - name: Invite user to join our group - uses: peter-evans/create-or-update-comment@v3 + uses: peter-evans/create-or-update-comment@v4 with: token: ${{ secrets.BOT_GITHUB_TOKEN }} issue-number: ${{ github.event.issue.number }} diff --git a/.github/workflows/auto-tag.yml b/.github/workflows/auto-tag.yml index e50ab4ed6..69d88c2c6 100644 --- a/.github/workflows/auto-tag.yml +++ b/.github/workflows/auto-tag.yml @@ -26,7 +26,7 @@ jobs: if: startsWith(github.event.comment.body, '/create tag') steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Validate version number and get comment id: validate diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml index db154c467..9724da2cf 100644 --- a/.github/workflows/build-docker-image.yml +++ b/.github/workflows/build-docker-image.yml @@ -32,16 +32,16 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 # docker.io/openim/openim-chat:latest - name: Extract metadata (tags, labels) for Docker id: meta - uses: docker/metadata-action@v4.6.0 + uses: docker/metadata-action@v5.5.1 with: images: openim/openim-chat # generate Docker tags based on the following events/attributes @@ -57,13 +57,13 @@ jobs: type=sha - name: Log in to Docker Hub - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: Build and push Docker image - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: . # linux/ppc64le,linux/s390x @@ -76,15 +76,15 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 # registry.cn-hangzhou.aliyuncs.com/openimsdk/openim-chat:latest - name: Extract metadata (tags, labels) for Docker id: meta2 - uses: docker/metadata-action@v4.6.0 + uses: docker/metadata-action@v5.5.1 with: images: registry.cn-hangzhou.aliyuncs.com/openimsdk/openim-chat tags: | @@ -99,14 +99,14 @@ jobs: type=sha - name: Log in to AliYun Docker Hub - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: registry.cn-hangzhou.aliyuncs.com username: ${{ secrets.ALIREGISTRY_USERNAME }} password: ${{ secrets.ALIREGISTRY_TOKEN }} - name: Build and push Docker image - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: . # linux/ppc64le,linux/s390x @@ -119,15 +119,15 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 # ghcr.io/openimsdk/openim-chat:latest - name: Extract metadata (tags, labels) for Docker id: meta3 - uses: docker/metadata-action@v4.6.0 + uses: docker/metadata-action@v5.5.1 with: images: ghcr.io/openimsdk/openim-chat tags: | @@ -142,14 +142,14 @@ jobs: type=sha - name: Log in to GitHub Container Registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push Docker image - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: . # linux/ppc64le,linux/s390x diff --git a/.github/workflows/chatci.yml b/.github/workflows/chatci.yml index c54e08219..950c76853 100644 --- a/.github/workflows/chatci.yml +++ b/.github/workflows/chatci.yml @@ -52,7 +52,7 @@ jobs: steps: - name: Set up Go ${{ matrix.go_version }} - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 with: go-version: ${{ matrix.go_version }} id: go diff --git a/.github/workflows/check-coverage.yml b/.github/workflows/check-coverage.yml index 7080ef7be..354e5e94a 100644 --- a/.github/workflows/check-coverage.yml +++ b/.github/workflows/check-coverage.yml @@ -41,10 +41,10 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup Golang with cache - uses: magnetikonline/action-golang-cache@v4 + uses: magnetikonline/action-golang-cache@v5 with: go-version: ${{ env.GO_VERSION }} @@ -56,4 +56,4 @@ jobs: continue-on-error: true - name: Upload Coverage to Codecov - uses: codecov/codecov-action@v3 + uses: codecov/codecov-action@v4 diff --git a/.github/workflows/cla.yml b/.github/workflows/cla.yml index 3f658284a..81700153a 100644 --- a/.github/workflows/cla.yml +++ b/.github/workflows/cla.yml @@ -41,7 +41,7 @@ jobs: steps: - name: "CLA Assistant" if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target' - uses: contributor-assistant/github-action@v2.3.0 + uses: contributor-assistant/github-action@v2.3.2 env: GITHUB_TOKEN: ${{ secrets.BOT_GITHUB_TOKEN }} PERSONAL_ACCESS_TOKEN: ${{ secrets.REDBOT_GITHUB_TOKEN }} diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 6233ffcad..600919bc0 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -47,11 +47,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 # Override language selection by uncommenting this and choosing your languages # with: # languages: go, javascript, csharp, python, cpp, java, ruby @@ -59,7 +59,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below). - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@v3 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -73,4 +73,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 \ No newline at end of file + uses: github/codeql-action/analyze@v3 \ No newline at end of file diff --git a/.github/workflows/depsreview.yaml b/.github/workflows/depsreview.yaml index c95afb845..145bfcb63 100644 --- a/.github/workflows/depsreview.yaml +++ b/.github/workflows/depsreview.yaml @@ -13,6 +13,6 @@ jobs: runs-on: ubuntu-latest steps: - name: 'Checkout Repository' - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: 'Dependency Review' - uses: actions/dependency-review-action@v3 \ No newline at end of file + uses: actions/dependency-review-action@v4 \ No newline at end of file diff --git a/.github/workflows/gosec.yml b/.github/workflows/gosec.yml index 708eca4f8..b99330c05 100644 --- a/.github/workflows/gosec.yml +++ b/.github/workflows/gosec.yml @@ -37,7 +37,7 @@ jobs: GO111MODULE: on steps: - name: Check out code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Run Gosec Security Scanner uses: securego/gosec@master with: diff --git a/.github/workflows/help-comment-issue.yml b/.github/workflows/help-comment-issue.yml index 755fb035d..34ed3665e 100644 --- a/.github/workflows/help-comment-issue.yml +++ b/.github/workflows/help-comment-issue.yml @@ -25,7 +25,7 @@ jobs: issues: write steps: - name: Add comment - uses: peter-evans/create-or-update-comment@v3 + uses: peter-evans/create-or-update-comment@v4 with: issue-number: ${{ github.event.issue.number }} token: ${{ secrets.BOT_GITHUB_TOKEN }} diff --git a/.github/workflows/language-check.yml b/.github/workflows/language-check.yml index 904323cd9..5d8d553e4 100644 --- a/.github/workflows/language-check.yml +++ b/.github/workflows/language-check.yml @@ -7,7 +7,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repository - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Code Language Detector uses: kubecub/comment-lang-detector@v1.0.0 diff --git a/.github/workflows/lock-issue.yml b/.github/workflows/lock-issue.yml index 6a9aed9ba..edf280965 100644 --- a/.github/workflows/lock-issue.yml +++ b/.github/workflows/lock-issue.yml @@ -30,7 +30,7 @@ jobs: action: runs-on: ubuntu-latest steps: - - uses: dessant/lock-threads@v4 + - uses: dessant/lock-threads@v5 with: github-token: ${{ secrets.BOT_GITHUB_TOKEN }} issue-inactive-days: '365' diff --git a/.github/workflows/project-progress.yml b/.github/workflows/project-progress.yml index e6a7156e1..bbe22262c 100644 --- a/.github/workflows/project-progress.yml +++ b/.github/workflows/project-progress.yml @@ -29,7 +29,7 @@ jobs: move-assigned-card: runs-on: ubuntu-latest steps: - - uses: alex-page/github-project-automation-plus@v0.8.3 + - uses: alex-page/github-project-automation-plus@v0.9.0 with: project: OpenIM-V3.1 column: In Progress diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d133b9d07..ed9093188 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -32,7 +32,7 @@ jobs: DOCKER_CLI_EXPERIMENTAL: "enabled" steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 @@ -44,38 +44,38 @@ jobs: mkdir -p $HOME/.cache/snapcraft/download mkdir -p $HOME/.cache/snapcraft/stage-packages - - uses: actions/setup-go@v4 + - uses: actions/setup-go@v5 with: go-version: stable - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Login to Docker Hub - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: Login to GitHub Container Registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - name: Log in to AliYun Docker Hub - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: registry.cn-hangzhou.aliyuncs.com username: ${{ secrets.ALIREGISTRY_USERNAME }} password: ${{ secrets.ALIREGISTRY_TOKEN }} - name: set action env cache - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: | ./_output/dist/*.deb @@ -83,12 +83,12 @@ jobs: ./_output/dist/*.apk key: ${{ github.ref }} - - uses: sigstore/cosign-installer@v3.1.1 - - uses: anchore/sbom-action/download-syft@v0.14.3 - - uses: crazy-max/ghaction-upx@v2 + - uses: sigstore/cosign-installer@v3.5.0 + - uses: anchore/sbom-action/download-syft@v0.15.10 + - uses: crazy-max/ghaction-upx@v3 with: install-only: true - - uses: cachix/install-nix-action@v22 + - uses: cachix/install-nix-action@v26 with: github_access_token: ${{ secrets.GITHUB_TOKEN }} # - name: snapcraft-login @@ -97,7 +97,7 @@ jobs: # More assembly might be required: Docker logins, GPG, etc. It all depends # on your needs. - - uses: goreleaser/goreleaser-action@v4 + - uses: goreleaser/goreleaser-action@v5 with: # either 'goreleaser' (default) or 'goreleaser-pro': distribution: goreleaser diff --git a/.github/workflows/scripts-test.yml b/.github/workflows/scripts-test.yml index b66e8a9b1..22de82c01 100644 --- a/.github/workflows/scripts-test.yml +++ b/.github/workflows/scripts-test.yml @@ -41,7 +41,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 # - name: Install latest Bash (macOS only) # if: runner.os == 'macOS' diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index ca04d0e20..8f760afba 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -32,7 +32,7 @@ jobs: pull-requests: write steps: - - uses: actions/stale@v8 + - uses: actions/stale@v9 with: repo-token: ${{ secrets.BOT_GITHUB_TOKEN }} days-before-stale: 60