From c04b1dce74b13e164adba46a5e29213dd9b4a433 Mon Sep 17 00:00:00 2001 From: Romain Brenguier Date: Fri, 24 Apr 2026 15:35:30 +0200 Subject: [PATCH] Revert "Pin dependencies (#221)" This reverts commit 889cb3538b444e0853151c8717cdfda3e1908694. --- .github/actions/orchestrator-cache/action.yml | 2 +- .github/workflows/PullRequestClosed.yml | 2 +- .github/workflows/PullRequestCreated.yml | 2 +- .github/workflows/RequestReview.yml | 2 +- .github/workflows/ShadowScans.yml | 4 ++-- .github/workflows/SubmitReview.yml | 2 +- .github/workflows/automated-release.yml | 2 +- .github/workflows/build.yml | 22 +++++++++---------- .github/workflows/lock-branch.yaml | 2 +- .github/workflows/pr-cleanup.yml | 2 +- .github/workflows/release.yml | 2 +- 11 files changed, 22 insertions(+), 22 deletions(-) diff --git a/.github/actions/orchestrator-cache/action.yml b/.github/actions/orchestrator-cache/action.yml index 2540fc9d..d8c664e4 100644 --- a/.github/actions/orchestrator-cache/action.yml +++ b/.github/actions/orchestrator-cache/action.yml @@ -19,7 +19,7 @@ runs: mkdir -p "${{ github.workspace }}/orchestrator" - name: Restore and save orchestrator cache - uses: SonarSource/gh-action_cache@v1.4.4 + uses: SonarSource/gh-action_cache@v1 with: path: ${{ env.ORCHESTRATOR_HOME }} key: ${{ inputs.key-prefix }}-${{ env.ORCHESTRATOR_CACHE_MONTH }}-${{ github.run_id }} diff --git a/.github/workflows/PullRequestClosed.yml b/.github/workflows/PullRequestClosed.yml index 26a481b3..1bf21407 100644 --- a/.github/workflows/PullRequestClosed.yml +++ b/.github/workflows/PullRequestClosed.yml @@ -16,7 +16,7 @@ jobs: github.event.pull_request.head.repo.full_name == github.repository steps: - id: secrets - uses: SonarSource/vault-action-wrapper@3.4.0 + uses: SonarSource/vault-action-wrapper@v3 with: secrets: | development/kv/data/jira user | JIRA_USER; diff --git a/.github/workflows/PullRequestCreated.yml b/.github/workflows/PullRequestCreated.yml index 58d0e970..6b09fc7e 100644 --- a/.github/workflows/PullRequestCreated.yml +++ b/.github/workflows/PullRequestCreated.yml @@ -17,7 +17,7 @@ jobs: && github.event.pull_request.user.login != 'renovate[bot]' steps: - id: secrets - uses: SonarSource/vault-action-wrapper@3.4.0 + uses: SonarSource/vault-action-wrapper@v3 with: secrets: | development/github/token/{REPO_OWNER_NAME_DASH}-jira token | GITHUB_TOKEN; diff --git a/.github/workflows/RequestReview.yml b/.github/workflows/RequestReview.yml index c1073940..eb1425d4 100644 --- a/.github/workflows/RequestReview.yml +++ b/.github/workflows/RequestReview.yml @@ -15,7 +15,7 @@ jobs: github.event.pull_request.head.repo.full_name == github.repository steps: - id: secrets - uses: SonarSource/vault-action-wrapper@3.4.0 + uses: SonarSource/vault-action-wrapper@v3 with: secrets: | development/github/token/{REPO_OWNER_NAME_DASH}-jira token | GITHUB_TOKEN; diff --git a/.github/workflows/ShadowScans.yml b/.github/workflows/ShadowScans.yml index 7db78336..05ac67d5 100644 --- a/.github/workflows/ShadowScans.yml +++ b/.github/workflows/ShadowScans.yml @@ -32,7 +32,7 @@ jobs: rustup target add x86_64-unknown-linux-musl cargo install cargo-llvm-cov cargo-about - name: SQC shadow scans - uses: SonarSource/ci-github-actions/build-gradle@1.3.34 + uses: SonarSource/ci-github-actions/build-gradle@v1 with: deploy: false deploy-pull-request: false @@ -52,7 +52,7 @@ jobs: contents: write steps: - name: Run IRIS Analysis - uses: SonarSource/unified-dogfooding-actions/run-iris@1.0.0 + uses: SonarSource/unified-dogfooding-actions/run-iris@v1 with: primary_project_key: "SonarSource_sonar-rust" primary_platform: "Next" # Platform of the primary platform (Next, SQC-EU, SQC-US) diff --git a/.github/workflows/SubmitReview.yml b/.github/workflows/SubmitReview.yml index d97a4379..d5b18a7e 100644 --- a/.github/workflows/SubmitReview.yml +++ b/.github/workflows/SubmitReview.yml @@ -18,7 +18,7 @@ jobs: || github.event.review.state == 'approved') steps: - id: secrets - uses: SonarSource/vault-action-wrapper@3.4.0 + uses: SonarSource/vault-action-wrapper@v3 with: secrets: | development/kv/data/jira user | JIRA_USER; diff --git a/.github/workflows/automated-release.yml b/.github/workflows/automated-release.yml index 6c978290..867f8935 100644 --- a/.github/workflows/automated-release.yml +++ b/.github/workflows/automated-release.yml @@ -39,7 +39,7 @@ on: jobs: release: name: Release - uses: SonarSource/release-github-actions/.github/workflows/automated-release.yml@1.5.4 + uses: SonarSource/release-github-actions/.github/workflows/automated-release.yml@v1 permissions: statuses: read id-token: write diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 1c192527..e4976a0f 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -28,7 +28,7 @@ jobs: steps: # see https://xtranet-sonarsource.atlassian.net/wiki/spaces/Platform/pages/4412309510/MacOS+Runners+-+GitHub - name: Setup Cloudflare WARP - uses: SonarSource/gh-action_setup-cloudflare-warp@v1.0.7 + uses: SonarSource/gh-action_setup-cloudflare-warp@v1 id: warp - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - uses: jdx/mise-action@1648a7812b9aeae629881980618f079932869151 # v4.0.1 @@ -150,7 +150,7 @@ jobs: rustup component add llvm-tools rustfmt clippy rustup target add x86_64-unknown-linux-musl cargo install cargo-llvm-cov cargo-about - - uses: SonarSource/ci-github-actions/build-gradle@1.3.34 + - uses: SonarSource/ci-github-actions/build-gradle@v1 with: deploy: false deploy-pull-request: false @@ -201,7 +201,7 @@ jobs: with: name: analyzer-x86_64-pc-windows-gnu path: analyzer/target/x86_64-pc-windows-gnu/release/ - - uses: SonarSource/ci-github-actions/build-gradle@1.3.34 + - uses: SonarSource/ci-github-actions/build-gradle@v1 with: deploy-pull-request: true gradle-args: "-PskipAnalyzerBuild --info --stacktrace" @@ -226,11 +226,11 @@ jobs: version: 2025.7.12 - name: Vault id: secrets - uses: SonarSource/vault-action-wrapper@3.4.0 + uses: SonarSource/vault-action-wrapper@v3 with: secrets: | development/github/token/licenses-ro token | GITHUB_TOKEN; - - uses: SonarSource/ci-github-actions/config-gradle@1.3.34 + - uses: SonarSource/ci-github-actions/config-gradle@v1 - name: Run E2E tests env: GITHUB_TOKEN: ${{ fromJSON(steps.secrets.outputs.vault).GITHUB_TOKEN }} @@ -256,7 +256,7 @@ jobs: version: 2025.7.12 - name: Vault id: secrets - uses: SonarSource/vault-action-wrapper@3.4.0 + uses: SonarSource/vault-action-wrapper@v3 with: secrets: | development/github/token/licenses-ro token | GITHUB_TOKEN; @@ -266,7 +266,7 @@ jobs: ./rustup-init.exe -y --default-host x86_64-pc-windows-msvc --default-toolchain stable --profile minimal $env:PATH += ";$env:USERPROFILE\.cargo\bin" rustup component add clippy - - uses: SonarSource/ci-github-actions/config-gradle@1.3.34 + - uses: SonarSource/ci-github-actions/config-gradle@v1 - name: Run E2E tests shell: bash env: @@ -300,11 +300,11 @@ jobs: version: 2025.7.12 - name: Vault id: secrets - uses: SonarSource/vault-action-wrapper@3.4.0 + uses: SonarSource/vault-action-wrapper@v3 with: secrets: | development/github/token/licenses-ro token | GITHUB_TOKEN; - - uses: SonarSource/ci-github-actions/config-gradle@1.3.34 + - uses: SonarSource/ci-github-actions/config-gradle@v1 - name: Run E2E tests in ARM64 container shell: bash env: @@ -332,7 +332,7 @@ jobs: runs-on: github-ubuntu-latest-s steps: # https://github.com/SonarSource/release-github-actions/tree/master/notify-slack - - uses: SonarSource/release-github-actions/notify-slack@1.5.4 + - uses: SonarSource/release-github-actions/notify-slack@v1 with: project-name: "Sonar-Rust" icon: ":cyber-radish:" @@ -353,6 +353,6 @@ jobs: permissions: id-token: write steps: - - uses: SonarSource/ci-github-actions/promote@1.3.34 + - uses: SonarSource/ci-github-actions/promote@v1 with: promote-pull-request: true diff --git a/.github/workflows/lock-branch.yaml b/.github/workflows/lock-branch.yaml index ec31510b..e8684c87 100644 --- a/.github/workflows/lock-branch.yaml +++ b/.github/workflows/lock-branch.yaml @@ -11,7 +11,7 @@ jobs: id-token: write steps: - id: secrets - uses: SonarSource/vault-action-wrapper@3.4.0 + uses: SonarSource/vault-action-wrapper@v3 with: secrets: | development/github/token/{REPO_OWNER_NAME_DASH}-lock token | lock_token; diff --git a/.github/workflows/pr-cleanup.yml b/.github/workflows/pr-cleanup.yml index 04a86a62..946c576b 100644 --- a/.github/workflows/pr-cleanup.yml +++ b/.github/workflows/pr-cleanup.yml @@ -9,4 +9,4 @@ jobs: permissions: actions: write steps: - - uses: SonarSource/ci-github-actions/pr_cleanup@1.3.34 + - uses: SonarSource/ci-github-actions/pr_cleanup@v1 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 690340fc..18051257 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -28,7 +28,7 @@ jobs: permissions: id-token: write contents: write - uses: SonarSource/gh-action_release/.github/workflows/main.yaml@6.8.0 + uses: SonarSource/gh-action_release/.github/workflows/main.yaml@v6 with: publishToBinaries: true mavenCentralSync: true