Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ jobs:
name: Pre-commit Checks
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v7
with:
persist-credentials: false
- uses: actions/setup-python@v6
Expand Down
38 changes: 19 additions & 19 deletions .github/workflows/rust-ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -246,7 +246,7 @@ jobs:
contents: read
if: ${{ inputs.run-pre-commit }}
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v7
with:
persist-credentials: false
- uses: actions/setup-python@v6
Expand Down Expand Up @@ -280,7 +280,7 @@ jobs:
CLIPPY_ARGS: ${{ inputs.clippy-args }}
ALLOC_FEATURE: ${{ inputs.alloc-feature }}
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v7
with:
persist-credentials: false
- uses: dtolnay/rust-toolchain@fa04a1451ff1842e2626ccb99004d0195b455a88 # master 2026-07-14
Expand Down Expand Up @@ -311,7 +311,7 @@ jobs:
env:
FEATURE_FLAGS: ${{ inputs.feature-flags }}
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v7
with:
persist-credentials: false
- uses: dtolnay/rust-toolchain@fa04a1451ff1842e2626ccb99004d0195b455a88 # master 2026-07-14
Expand All @@ -335,7 +335,7 @@ jobs:
NO_STD_TARGET: ${{ inputs.no-std-target }}
ALLOC_FEATURE: ${{ inputs.alloc-feature }}
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v7
with:
persist-credentials: false
- uses: dtolnay/rust-toolchain@fa04a1451ff1842e2626ccb99004d0195b455a88 # master 2026-07-14
Expand All @@ -361,7 +361,7 @@ jobs:
FEATURE_FLAGS: ${{ inputs.feature-flags }}
UNIT_TEST_FILTER: ${{ inputs.unit-test-filter }}
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v7
with:
persist-credentials: false
- uses: dtolnay/rust-toolchain@fa04a1451ff1842e2626ccb99004d0195b455a88 # master 2026-07-14
Expand Down Expand Up @@ -396,7 +396,7 @@ jobs:
PROPERTY_TEST_FILTER: ${{ inputs.property-test-filter }}
PROPERTY_TEST_THREADS: ${{ inputs.property-test-threads }}
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v7
with:
persist-credentials: false
- uses: dtolnay/rust-toolchain@fa04a1451ff1842e2626ccb99004d0195b455a88 # master 2026-07-14
Expand All @@ -420,7 +420,7 @@ jobs:
contents: read
if: ${{ inputs.run-fuzz-tests }}
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v7
with:
persist-credentials: false
- uses: dtolnay/rust-toolchain@fa04a1451ff1842e2626ccb99004d0195b455a88 # master 2026-07-14
Expand All @@ -431,7 +431,7 @@ jobs:
workspaces: fuzz
# No prebuilt binaries upstream, so build once and cache the binary.
- name: Install cargo-fuzz
uses: taiki-e/cache-cargo-install-action@v2
uses: taiki-e/cache-cargo-install-action@v3
with:
tool: cargo-fuzz
- name: Build fuzz targets
Expand Down Expand Up @@ -491,7 +491,7 @@ jobs:
|| (github.event_name == 'push'
&& (github.ref_type == 'tag' || github.ref_name == inputs.default-branch))) }}
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v7
with:
persist-credentials: false
- uses: dtolnay/rust-toolchain@fa04a1451ff1842e2626ccb99004d0195b455a88 # master 2026-07-14
Expand All @@ -518,7 +518,7 @@ jobs:
env:
FEATURE_FLAGS: ${{ inputs.feature-flags }}
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v7
with:
persist-credentials: false
# Single-source the MSRV from Cargo.toml's rust-version unless the
Expand Down Expand Up @@ -558,7 +558,7 @@ jobs:
# Only meaningful on PRs (catch breaks before merge) and release tags (final gate)
if: ${{ inputs.run-semver-checks && (github.event_name == 'pull_request' || (github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v'))) }}
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v7
with:
fetch-depth: 0
persist-credentials: false
Expand All @@ -576,7 +576,7 @@ jobs:
contents: read
if: ${{ inputs.run-security }}
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v7
with:
persist-credentials: false
- uses: dtolnay/rust-toolchain@fa04a1451ff1842e2626ccb99004d0195b455a88 # master 2026-07-14
Expand All @@ -603,7 +603,7 @@ jobs:
runs-on: ubuntu-latest
if: ${{ inputs.run-security && inputs.use-audit-check }}
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v7
with:
persist-credentials: false
- name: Run cargo audit (check run)
Expand All @@ -623,7 +623,7 @@ jobs:
env:
FEATURE_FLAGS: ${{ inputs.feature-flags }}
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v7
with:
persist-credentials: false
- uses: dtolnay/rust-toolchain@fa04a1451ff1842e2626ccb99004d0195b455a88 # master 2026-07-14
Expand Down Expand Up @@ -658,7 +658,7 @@ jobs:
# release job on tag pushes; this job never needs a registry token.
if: ${{ inputs.run-publish-dry-run && github.event_name == 'pull_request' }}
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v7
with:
persist-credentials: false
- uses: dtolnay/rust-toolchain@fa04a1451ff1842e2626ccb99004d0195b455a88 # master 2026-07-14
Expand Down Expand Up @@ -735,7 +735,7 @@ jobs:
}}
environment: ${{ inputs.publish-environment }}
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v7
with:
persist-credentials: false
- uses: dtolnay/rust-toolchain@fa04a1451ff1842e2626ccb99004d0195b455a88 # master 2026-07-14
Expand All @@ -753,7 +753,7 @@ jobs:
cargo publish
fi
- name: Create GitHub Release
uses: softprops/action-gh-release@v2
uses: softprops/action-gh-release@v3
with:
generate_release_notes: ${{ inputs.generate-release-notes }}

Expand Down Expand Up @@ -798,7 +798,7 @@ jobs:
permission-contents: write
# release-plz pushes the release tag with the checked-out credentials,
# so this checkout intentionally persists them.
- uses: actions/checkout@v6 # zizmor: ignore[artipacked]
- uses: actions/checkout@v7 # zizmor: ignore[artipacked]
with:
fetch-depth: 0
token: ${{ steps.app-token.outputs.token || secrets.release-plz-token || github.token }}
Expand Down Expand Up @@ -846,7 +846,7 @@ jobs:
permission-pull-requests: write
# release-plz pushes the release-pr branch with the checked-out
# credentials, so this checkout intentionally persists them.
- uses: actions/checkout@v6 # zizmor: ignore[artipacked]
- uses: actions/checkout@v7 # zizmor: ignore[artipacked]
with:
fetch-depth: 0
token: ${{ steps.app-token.outputs.token || secrets.release-plz-token || github.token }}
Expand Down
Loading