diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml index 8ec5e77b0f21..fc2b80041ce7 100644 --- a/.github/workflows/backport.yml +++ b/.github/workflows/backport.yml @@ -27,7 +27,7 @@ jobs: steps: # Use a GitHub App to create the PR so that CI gets triggered # The App is scoped to Repository > Contents and Pull Requests: write for Nixpkgs - - uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1 + - uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4 id: app-token with: app-id: ${{ vars.NIXPKGS_CI_APP_ID }} diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index c74932b67e7a..408ba7369e62 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -109,7 +109,7 @@ jobs: - name: Build codeowners validator run: nix-build nixpkgs/trusted/ci --arg nixpkgs ./nixpkgs/trusted-pinned -A codeownersValidator - - uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1 + - uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4 if: github.event_name == 'pull_request_target' && vars.OWNER_RO_APP_ID id: app-token with: diff --git a/.github/workflows/edited.yml b/.github/workflows/edited.yml index e944254d19cd..058c6181e2a6 100644 --- a/.github/workflows/edited.yml +++ b/.github/workflows/edited.yml @@ -36,7 +36,7 @@ jobs: # Use a GitHub App to create the PR so that CI gets triggered # The App is scoped to Repository > Contents and Pull Requests: write for Nixpkgs # We only need Pull Requests: write here, but the app is also used for backports. - - uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1 + - uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4 id: app-token with: app-id: ${{ vars.NIXPKGS_CI_APP_ID }} diff --git a/.github/workflows/labels.yml b/.github/workflows/labels.yml index 94c68d859e48..79237c844589 100644 --- a/.github/workflows/labels.yml +++ b/.github/workflows/labels.yml @@ -49,7 +49,7 @@ jobs: run: npm install @actions/artifact bottleneck # Use a GitHub App, because it has much higher rate limits: 12,500 instead of 5,000 req / hour. - - uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1 + - uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4 if: github.event_name != 'pull_request' && vars.NIXPKGS_CI_APP_ID id: app-token with: diff --git a/.github/workflows/periodic-merge.yml b/.github/workflows/periodic-merge.yml index 3846d04159fc..1677b05c506c 100644 --- a/.github/workflows/periodic-merge.yml +++ b/.github/workflows/periodic-merge.yml @@ -23,7 +23,7 @@ jobs: steps: # Use a GitHub App to create the PR so that CI gets triggered # The App is scoped to Repository > Contents and Pull Requests: write for Nixpkgs - - uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1 + - uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4 id: app-token with: app-id: ${{ vars.NIXPKGS_CI_APP_ID }} diff --git a/.github/workflows/reviewers.yml b/.github/workflows/reviewers.yml index 0e0aaf04f850..3d5d08f8d7cf 100644 --- a/.github/workflows/reviewers.yml +++ b/.github/workflows/reviewers.yml @@ -48,7 +48,7 @@ jobs: # - OWNER_APP_PRIVATE_KEY (secret) # # Can't use the token received from permissions above, because it can't get enough permissions. - - uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1 + - uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4 if: github.event_name == 'pull_request_target' && vars.OWNER_APP_ID id: app-token with: