diff --git a/.github/workflows/autobuild.yml b/.github/workflows/autobuild.yml index d089f1a1c..f568d3724 100644 --- a/.github/workflows/autobuild.yml +++ b/.github/workflows/autobuild.yml @@ -38,7 +38,7 @@ jobs: run: bash ./scripts/extract_update_logs.sh shell: bash - - uses: pnpm/action-setup@v5.0.0 + - uses: pnpm/action-setup@v6.0.0 name: Install pnpm with: run_install: false @@ -102,7 +102,7 @@ jobs: EOF - name: Upload Release - uses: softprops/action-gh-release@v2 + uses: softprops/action-gh-release@v3 with: tag_name: ${{ env.TAG_NAME }} name: 'Clash Verge Rev ${{ env.TAG_CHANNEL }}' @@ -179,7 +179,7 @@ jobs: echo "OPENSSL_LIB_DIR=$(brew --prefix openssl@3)/lib" >> $GITHUB_ENV echo "PKG_CONFIG_PATH=$(brew --prefix openssl@3)/lib/pkgconfig" >> $GITHUB_ENV - - uses: pnpm/action-setup@v5.0.0 + - uses: pnpm/action-setup@v6.0.0 name: Install pnpm with: run_install: false @@ -278,7 +278,7 @@ jobs: cache-workspace-crates: true - name: Install pnpm - uses: pnpm/action-setup@v5.0.0 + uses: pnpm/action-setup@v6.0.0 with: run_install: false @@ -379,7 +379,7 @@ jobs: echo "BUILDTIME=$(TZ=Asia/Shanghai date)" >> $GITHUB_ENV - name: Upload Release - uses: softprops/action-gh-release@v2 + uses: softprops/action-gh-release@v3 with: tag_name: ${{ env.TAG_NAME }} name: 'Clash Verge Rev ${{ env.TAG_CHANNEL }}' @@ -423,7 +423,7 @@ jobs: cache-workspace-crates: true - name: Install pnpm - uses: pnpm/action-setup@v5.0.0 + uses: pnpm/action-setup@v6.0.0 with: run_install: false @@ -497,7 +497,7 @@ jobs: } - name: Upload Release - uses: softprops/action-gh-release@v2 + uses: softprops/action-gh-release@v3 with: tag_name: ${{ env.TAG_NAME }} name: 'Clash Verge Rev ${{ env.TAG_CHANNEL }}' @@ -534,7 +534,7 @@ jobs: with: node-version: '24.14.1' - - uses: pnpm/action-setup@v5.0.0 + - uses: pnpm/action-setup@v6.0.0 name: Install pnpm with: run_install: false diff --git a/.github/workflows/cross_check.yaml b/.github/workflows/cross_check.yaml index 70c082c8d..1f0e5c91a 100644 --- a/.github/workflows/cross_check.yaml +++ b/.github/workflows/cross_check.yaml @@ -45,7 +45,7 @@ jobs: with: node-version: '24.14.1' - - uses: pnpm/action-setup@v5 + - uses: pnpm/action-setup@v6 name: Install pnpm with: run_install: false diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml index 7ad6dccbf..8f0cc672f 100644 --- a/.github/workflows/dev.yml +++ b/.github/workflows/dev.yml @@ -93,7 +93,7 @@ jobs: sudo apt-get update sudo apt-get install -y libxslt1.1 libwebkit2gtk-4.1-dev libayatana-appindicator3-dev librsvg2-dev patchelf - - uses: pnpm/action-setup@v5 + - uses: pnpm/action-setup@v6 name: Install pnpm if: github.event.inputs[matrix.input] == 'true' with: diff --git a/.github/workflows/frontend-check.yml b/.github/workflows/frontend-check.yml index cba28fc13..7d05f75f3 100644 --- a/.github/workflows/frontend-check.yml +++ b/.github/workflows/frontend-check.yml @@ -40,7 +40,7 @@ jobs: - name: Install pnpm if: steps.check_frontend.outputs.frontend == 'true' - uses: pnpm/action-setup@v5 + uses: pnpm/action-setup@v6 with: run_install: false diff --git a/.github/workflows/pr-ai-slop-review.lock.yml b/.github/workflows/pr-ai-slop-review.lock.yml index e343f3862..6f9618a5e 100644 --- a/.github/workflows/pr-ai-slop-review.lock.yml +++ b/.github/workflows/pr-ai-slop-review.lock.yml @@ -82,7 +82,7 @@ jobs: GH_AW_INFO_AWMG_VERSION: "" GH_AW_INFO_FIREWALL_TYPE: "squid" GH_AW_COMPILED_STRICT: "true" - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9 with: script: | const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs'); @@ -104,7 +104,7 @@ jobs: sparse-checkout-cone-mode: true fetch-depth: 1 - name: Check workflow file timestamps - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9 env: GH_AW_WORKFLOW_FILE: "pr-ai-slop-review.lock.yml" with: @@ -115,7 +115,7 @@ jobs: await main(); - name: Compute current body text id: sanitized - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9 with: script: | const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs'); @@ -186,7 +186,7 @@ jobs: GH_AW_PROMPT_EOF } > "$GH_AW_PROMPT" - name: Interpolate variables and render templates - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9 env: GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt with: @@ -196,7 +196,7 @@ jobs: const { main } = require('${{ runner.temp }}/gh-aw/actions/interpolate_prompt.cjs'); await main(); - name: Substitute placeholders - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9 env: GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt GH_AW_GITHUB_ACTOR: ${{ github.actor }} @@ -305,7 +305,7 @@ jobs: id: checkout-pr if: | github.event.pull_request || github.event.issue.pull_request - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9 env: GH_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} with: @@ -653,7 +653,7 @@ jobs: bash ${RUNNER_TEMP}/gh-aw/actions/stop_mcp_gateway.sh "$GATEWAY_PID" - name: Redact secrets in logs if: always() - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9 with: script: | const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs'); @@ -677,7 +677,7 @@ jobs: - name: Ingest agent output id: collect_output if: always() - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9 env: GH_AW_SAFE_OUTPUTS: ${{ env.GH_AW_SAFE_OUTPUTS }} GH_AW_ALLOWED_DOMAINS: "api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com" @@ -692,7 +692,7 @@ jobs: await main(); - name: Parse agent logs for step summary if: always() - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9 env: GH_AW_AGENT_OUTPUT: /tmp/gh-aw/sandbox/agent/logs/ with: @@ -703,7 +703,7 @@ jobs: await main(); - name: Parse MCP Gateway logs for step summary if: always() - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9 with: script: | const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs'); @@ -776,7 +776,7 @@ jobs: ls -la /tmp/gh-aw/threat-detection/ 2>/dev/null || true - name: Setup threat detection if: always() && steps.detection_guard.outputs.run_detection == 'true' - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9 env: WORKFLOW_NAME: "PR AI Slop Review" WORKFLOW_DESCRIPTION: "Reviews incoming pull requests for missing issue linkage and high-confidence\nsigns of one-shot AI-generated changes, then posts a maintainer-focused\ncomment when the risk is high enough to warrant follow-up." @@ -832,7 +832,7 @@ jobs: - name: Parse threat detection results id: parse_detection_results if: always() && steps.detection_guard.outputs.run_detection == 'true' - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9 with: script: | const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs'); @@ -906,7 +906,7 @@ jobs: echo "GH_AW_AGENT_OUTPUT=/tmp/gh-aw/agent_output.json" >> "$GITHUB_ENV" - name: Process No-Op Messages id: noop - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9 env: GH_AW_AGENT_OUTPUT: ${{ env.GH_AW_AGENT_OUTPUT }} GH_AW_NOOP_MAX: "1" @@ -920,7 +920,7 @@ jobs: await main(); - name: Record Missing Tool id: missing_tool - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9 env: GH_AW_AGENT_OUTPUT: ${{ env.GH_AW_AGENT_OUTPUT }} GH_AW_WORKFLOW_NAME: "PR AI Slop Review" @@ -934,7 +934,7 @@ jobs: - name: Handle Agent Failure id: handle_agent_failure if: always() - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9 env: GH_AW_AGENT_OUTPUT: ${{ env.GH_AW_AGENT_OUTPUT }} GH_AW_WORKFLOW_NAME: "PR AI Slop Review" @@ -957,7 +957,7 @@ jobs: await main(); - name: Handle No-Op Message id: handle_noop_message - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9 env: GH_AW_AGENT_OUTPUT: ${{ env.GH_AW_AGENT_OUTPUT }} GH_AW_WORKFLOW_NAME: "PR AI Slop Review" @@ -1025,7 +1025,7 @@ jobs: echo "GH_HOST=${GH_HOST}" >> "$GITHUB_ENV" - name: Process Safe Outputs id: process_safe_outputs - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9 env: GH_AW_AGENT_OUTPUT: ${{ env.GH_AW_AGENT_OUTPUT }} GH_AW_ALLOWED_DOMAINS: "api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 6c18c6685..7bb7e393b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -126,7 +126,7 @@ jobs: EOF - name: Upload Release - uses: softprops/action-gh-release@v2 + uses: softprops/action-gh-release@v3 with: tag_name: ${{ env.TAG_NAME }} name: 'Clash Verge Rev ${{ env.TAG_NAME }}' @@ -199,7 +199,7 @@ jobs: with: node-version: '24.14.1' - - uses: pnpm/action-setup@v5 + - uses: pnpm/action-setup@v6 name: Install pnpm with: run_install: false @@ -242,19 +242,19 @@ jobs: - name: Attest Windows bundles if: matrix.os == 'windows-latest' - uses: actions/attest-build-provenance@v3 + uses: actions/attest-build-provenance@v4 with: subject-path: target/${{ matrix.target }}/release/bundle/nsis/*setup* - name: Attest macOS bundles if: matrix.os == 'macos-latest' - uses: actions/attest-build-provenance@v3 + uses: actions/attest-build-provenance@v4 with: subject-path: target/${{ matrix.target }}/release/bundle/dmg/*.dmg - name: Attest Linux bundles if: matrix.os == 'ubuntu-22.04' - uses: actions/attest-build-provenance@v3 + uses: actions/attest-build-provenance@v4 with: subject-path: | target/${{ matrix.target }}/release/bundle/deb/*.deb @@ -304,7 +304,7 @@ jobs: node-version: '24.14.1' - name: Install pnpm - uses: pnpm/action-setup@v5 + uses: pnpm/action-setup@v6 with: run_install: false @@ -388,14 +388,14 @@ jobs: echo "BUILDTIME=$(TZ=Asia/Shanghai date)" >> $GITHUB_ENV - name: Attest Linux bundles - uses: actions/attest-build-provenance@v3 + uses: actions/attest-build-provenance@v4 with: subject-path: | target/${{ matrix.target }}/release/bundle/deb/*.deb target/${{ matrix.target }}/release/bundle/rpm/*.rpm - name: Upload Release - uses: softprops/action-gh-release@v2 + uses: softprops/action-gh-release@v3 with: tag_name: v${{env.VERSION}} name: 'Clash Verge Rev v${{env.VERSION}}' @@ -449,7 +449,7 @@ jobs: with: node-version: '24.14.1' - - uses: pnpm/action-setup@v5 + - uses: pnpm/action-setup@v6 name: Install pnpm with: run_install: false @@ -506,12 +506,12 @@ jobs: } - name: Attest Windows bundles - uses: actions/attest-build-provenance@v3 + uses: actions/attest-build-provenance@v4 with: subject-path: target/${{ matrix.target }}/release/bundle/nsis/*setup* - name: Upload Release - uses: softprops/action-gh-release@v2 + uses: softprops/action-gh-release@v3 with: tag_name: v${{steps.build.outputs.appVersion}} name: 'Clash Verge Rev v${{steps.build.outputs.appVersion}}' @@ -539,7 +539,7 @@ jobs: with: node-version: '24.14.1' - - uses: pnpm/action-setup@v5 + - uses: pnpm/action-setup@v6 name: Install pnpm with: run_install: false @@ -565,7 +565,7 @@ jobs: with: node-version: '24.14.1' - - uses: pnpm/action-setup@v5 + - uses: pnpm/action-setup@v6 name: Install pnpm with: run_install: false @@ -627,7 +627,7 @@ jobs: with: node-version: '24.14.1' - - uses: pnpm/action-setup@v5 + - uses: pnpm/action-setup@v6 name: Install pnpm with: run_install: false diff --git a/.github/workflows/telegram-notify.yml b/.github/workflows/telegram-notify.yml index 59bf591ff..2ec79addd 100644 --- a/.github/workflows/telegram-notify.yml +++ b/.github/workflows/telegram-notify.yml @@ -36,7 +36,7 @@ jobs: with: node-version: '24.14.1' - - uses: pnpm/action-setup@v5 + - uses: pnpm/action-setup@v6 name: Install pnpm with: run_install: false diff --git a/.github/workflows/updater.yml b/.github/workflows/updater.yml index 8c9eff506..11be01c39 100644 --- a/.github/workflows/updater.yml +++ b/.github/workflows/updater.yml @@ -17,7 +17,7 @@ jobs: with: node-version: '24.14.1' - - uses: pnpm/action-setup@v5 + - uses: pnpm/action-setup@v6 name: Install pnpm with: run_install: false @@ -41,7 +41,7 @@ jobs: with: node-version: '24.14.1' - - uses: pnpm/action-setup@v5 + - uses: pnpm/action-setup@v6 name: Install pnpm with: run_install: false