diff --git a/.github/actions/install-frontend-deps/action.yml b/.github/actions/install-frontend-deps/action.yml index 14a39c61e58..1e6d3e6be80 100644 --- a/.github/actions/install-frontend-deps/action.yml +++ b/.github/actions/install-frontend-deps/action.yml @@ -3,13 +3,13 @@ description: Installs frontend dependencies with pnpm, with caching runs: using: 'composite' steps: - - name: setup node 20 - uses: actions/setup-node@v4 + - name: setup node 22 + uses: actions/setup-node@v6 with: - node-version: '20' + node-version: '22' - name: setup pnpm - uses: pnpm/action-setup@v4 + uses: pnpm/action-setup@v6 with: version: 10 run_install: false @@ -20,7 +20,7 @@ runs: echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV - name: setup cache - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ${{ env.STORE_PATH }} key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }} diff --git a/.github/workflows/build-container.yml b/.github/workflows/build-container.yml index 36bc8903b4b..b5bd8637acd 100644 --- a/.github/workflows/build-container.yml +++ b/.github/workflows/build-container.yml @@ -66,11 +66,11 @@ jobs: df -h - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Docker meta id: meta - uses: docker/metadata-action@v5 + uses: docker/metadata-action@v6 with: github-token: ${{ secrets.GITHUB_TOKEN }} images: | @@ -87,13 +87,13 @@ jobs: suffix=-${{ matrix.gpu-driver }},onlatest=false - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v4 with: platforms: ${{ env.PLATFORMS }} - name: Login to GitHub Container Registry if: github.event_name != 'pull_request' - uses: docker/login-action@v3 + uses: docker/login-action@v4 with: registry: ghcr.io username: ${{ github.repository_owner }} @@ -102,7 +102,7 @@ jobs: - name: Build container timeout-minutes: 40 id: docker_build - uses: docker/build-push-action@v6 + uses: docker/build-push-action@v7 with: context: . file: docker/Dockerfile diff --git a/.github/workflows/build-wheel.yml b/.github/workflows/build-wheel.yml index 611f39cf89c..546d1b07088 100644 --- a/.github/workflows/build-wheel.yml +++ b/.github/workflows/build-wheel.yml @@ -12,10 +12,10 @@ jobs: timeout-minutes: 5 # expected run time: <2 min steps: - name: checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: setup python - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: '3.12' cache: pip @@ -32,7 +32,7 @@ jobs: run: ./scripts/build_wheel.sh - name: upload python distribution artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: dist path: ${{ steps.build_wheel.outputs.DIST_PATH }} diff --git a/.github/workflows/clean-caches.yml b/.github/workflows/clean-caches.yml index e5acdeab1b9..73d742f3041 100644 --- a/.github/workflows/clean-caches.yml +++ b/.github/workflows/clean-caches.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@v3 + uses: actions/checkout@v6 - name: Cleanup run: | diff --git a/.github/workflows/close-inactive-issues.yml b/.github/workflows/close-inactive-issues.yml index 5e961e2773a..40f75cebb88 100644 --- a/.github/workflows/close-inactive-issues.yml +++ b/.github/workflows/close-inactive-issues.yml @@ -14,7 +14,7 @@ jobs: issues: write pull-requests: write steps: - - uses: actions/stale@v8 + - uses: actions/stale@v10 with: days-before-issue-stale: ${{ env.DAYS_BEFORE_ISSUE_STALE }} days-before-issue-close: ${{ env.DAYS_BEFORE_ISSUE_CLOSE }} diff --git a/.github/workflows/deploy-docs.yml b/.github/workflows/deploy-docs.yml index 8c4a477fe9f..673bc47d7d3 100644 --- a/.github/workflows/deploy-docs.yml +++ b/.github/workflows/deploy-docs.yml @@ -34,7 +34,7 @@ jobs: docs: ${{ steps.manual.outputs.docs || steps.filter.outputs.docs }} steps: - name: checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 @@ -70,34 +70,34 @@ jobs: timeout-minutes: 20 steps: - name: checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 # Python (needed for generate-docs-data) - name: setup uv - uses: astral-sh/setup-uv@v5 + uses: astral-sh/setup-uv@v8.1.0 with: - version: '0.6.10' + version: '0.11.12' enable-cache: true python-version: '3.11' - name: setup python - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: '3.11' # generate_docs_json.py only needs the invokeai package importable # (pydantic + invokeai.app/backend). Skip the [test] extra to keep CI fast. - name: install python dependencies - run: uv pip install --editable . + run: uv sync --frozen # Node (needed for docs build) - name: setup node - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: - node-version: '22.12.0' + node-version: '22' - name: setup pnpm - uses: pnpm/action-setup@v4 + uses: pnpm/action-setup@v6 with: version: 10 run_install: false @@ -129,7 +129,7 @@ jobs: # Upload artifact for deploy (main branch only) - name: upload pages artifact if: github.ref == 'refs/heads/main' - uses: actions/upload-pages-artifact@v3 + uses: actions/upload-pages-artifact@v5 with: path: docs/dist @@ -147,4 +147,4 @@ jobs: steps: - name: deploy to GitHub Pages id: deployment - uses: actions/deploy-pages@v4 + uses: actions/deploy-pages@v5 diff --git a/.github/workflows/frontend-checks.yml b/.github/workflows/frontend-checks.yml index df767676441..b36fbeb650b 100644 --- a/.github/workflows/frontend-checks.yml +++ b/.github/workflows/frontend-checks.yml @@ -39,7 +39,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 10 # expected run time: <2 min steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Fail if package-lock.json is added/modified (pnpm only) shell: bash @@ -60,7 +60,7 @@ jobs: # - CVE-2025-30066 # - https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised # - https://github.com/tj-actions/changed-files/issues/2463 - uses: tj-actions/changed-files@a284dc1814e3fd07f2e34267fc8f81227ed29fb8 + uses: tj-actions/changed-files@9426d40962ed5378910ee2e21d5f8c6fcbf2dd96 with: files_yaml: | frontend: diff --git a/.github/workflows/frontend-tests.yml b/.github/workflows/frontend-tests.yml index 17baef724fd..abb1fb8419f 100644 --- a/.github/workflows/frontend-tests.yml +++ b/.github/workflows/frontend-tests.yml @@ -39,7 +39,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 10 # expected run time: <2 min steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: check for changed frontend files if: ${{ inputs.always_run != true }} @@ -49,7 +49,7 @@ jobs: # - CVE-2025-30066 # - https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised # - https://github.com/tj-actions/changed-files/issues/2463 - uses: tj-actions/changed-files@a284dc1814e3fd07f2e34267fc8f81227ed29fb8 + uses: tj-actions/changed-files@9426d40962ed5378910ee2e21d5f8c6fcbf2dd96 with: files_yaml: | frontend: diff --git a/.github/workflows/label-pr.yml b/.github/workflows/label-pr.yml index 1a98512190a..b7689b12021 100644 --- a/.github/workflows/label-pr.yml +++ b/.github/workflows/label-pr.yml @@ -10,9 +10,9 @@ jobs: runs-on: ubuntu-latest steps: - name: checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: label PRs - uses: actions/labeler@v5 + uses: actions/labeler@v6 with: configuration-path: .github/pr_labels.yml diff --git a/.github/workflows/lfs-checks.yml b/.github/workflows/lfs-checks.yml index 597276d474b..a3b845025a8 100644 --- a/.github/workflows/lfs-checks.yml +++ b/.github/workflows/lfs-checks.yml @@ -24,7 +24,7 @@ jobs: pull-requests: write steps: - name: checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: check lfs files uses: ppremk/lfs-warning@v3.3 diff --git a/.github/workflows/python-checks.yml b/.github/workflows/python-checks.yml index 39ff56eab8f..b08bc611cec 100644 --- a/.github/workflows/python-checks.yml +++ b/.github/workflows/python-checks.yml @@ -41,7 +41,7 @@ jobs: timeout-minutes: 5 # expected run time: <1 min steps: - name: checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: check for changed python files if: ${{ inputs.always_run != true }} @@ -51,7 +51,7 @@ jobs: # - CVE-2025-30066 # - https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised # - https://github.com/tj-actions/changed-files/issues/2463 - uses: tj-actions/changed-files@a284dc1814e3fd07f2e34267fc8f81227ed29fb8 + uses: tj-actions/changed-files@9426d40962ed5378910ee2e21d5f8c6fcbf2dd96 with: files_yaml: | python: @@ -62,7 +62,7 @@ jobs: - name: setup uv if: ${{ steps.changed-files.outputs.python_any_changed == 'true' || inputs.always_run == true }} - uses: astral-sh/setup-uv@v5 + uses: astral-sh/setup-uv@v8.1.0 with: version: '0.6.10' enable-cache: true diff --git a/.github/workflows/python-tests.yml b/.github/workflows/python-tests.yml index 6d7e942e56e..1d206127b17 100644 --- a/.github/workflows/python-tests.yml +++ b/.github/workflows/python-tests.yml @@ -76,7 +76,7 @@ jobs: # - CVE-2025-30066 # - https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised # - https://github.com/tj-actions/changed-files/issues/2463 - uses: tj-actions/changed-files@a284dc1814e3fd07f2e34267fc8f81227ed29fb8 + uses: tj-actions/changed-files@9426d40962ed5378910ee2e21d5f8c6fcbf2dd96 with: files_yaml: | python: @@ -87,7 +87,7 @@ jobs: - name: setup uv if: ${{ steps.changed-files.outputs.python_any_changed == 'true' || inputs.always_run == true }} - uses: astral-sh/setup-uv@v5 + uses: astral-sh/setup-uv@v8.1.0 with: version: '0.6.10' enable-cache: true @@ -95,7 +95,7 @@ jobs: - name: setup python if: ${{ steps.changed-files.outputs.python_any_changed == 'true' || inputs.always_run == true }} - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: ${{ matrix.python-version }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 145d08f2f08..30e87b53dcb 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest steps: - name: checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: check python version uses: samuelcolvin/check-python-version@v4 @@ -70,7 +70,7 @@ jobs: id-token: write steps: - name: download distribution from build job - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: name: dist path: dist/ @@ -99,7 +99,7 @@ jobs: id-token: write steps: - name: download distribution from build job - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: name: dist path: dist/ diff --git a/.github/workflows/typegen-checks.yml b/.github/workflows/typegen-checks.yml index 28bcbf778ee..0482600e766 100644 --- a/.github/workflows/typegen-checks.yml +++ b/.github/workflows/typegen-checks.yml @@ -37,7 +37,7 @@ jobs: timeout-minutes: 15 # expected run time: <5 min steps: - name: checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Free up more disk space on the runner # https://github.com/actions/runner-images/issues/2840#issuecomment-1284059930 @@ -61,7 +61,7 @@ jobs: # - CVE-2025-30066 # - https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised # - https://github.com/tj-actions/changed-files/issues/2463 - uses: tj-actions/changed-files@a284dc1814e3fd07f2e34267fc8f81227ed29fb8 + uses: tj-actions/changed-files@9426d40962ed5378910ee2e21d5f8c6fcbf2dd96 with: files_yaml: | src: @@ -70,7 +70,7 @@ jobs: - name: setup uv if: ${{ steps.changed-files.outputs.src_any_changed == 'true' || inputs.always_run == true }} - uses: astral-sh/setup-uv@v5 + uses: astral-sh/setup-uv@v8.1.0 with: version: '0.6.10' enable-cache: true @@ -78,7 +78,7 @@ jobs: - name: setup python if: ${{ steps.changed-files.outputs.src_any_changed == 'true' || inputs.always_run == true }} - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: '3.11' diff --git a/.github/workflows/uv-lock-checks.yml b/.github/workflows/uv-lock-checks.yml index fb70c47237c..d57163165fb 100644 --- a/.github/workflows/uv-lock-checks.yml +++ b/.github/workflows/uv-lock-checks.yml @@ -38,7 +38,7 @@ jobs: timeout-minutes: 5 # expected run time: <1 min steps: - name: checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: check for changed python files if: ${{ inputs.always_run != true }} @@ -48,7 +48,7 @@ jobs: # - CVE-2025-30066 # - https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised # - https://github.com/tj-actions/changed-files/issues/2463 - uses: tj-actions/changed-files@a284dc1814e3fd07f2e34267fc8f81227ed29fb8 + uses: tj-actions/changed-files@9426d40962ed5378910ee2e21d5f8c6fcbf2dd96 with: files_yaml: | uvlock-pyprojecttoml: @@ -57,7 +57,7 @@ jobs: - name: setup uv if: ${{ steps.changed-files.outputs.uvlock-pyprojecttoml_any_changed == 'true' || inputs.always_run == true }} - uses: astral-sh/setup-uv@v5 + uses: astral-sh/setup-uv@v8.1.0 with: version: '0.6.10' enable-cache: true