Skip to content

Commit 9122bda

Browse files
stainless-app[bot]stainless-app[bot]
committed
ci: pin GitHub Actions to commit SHAs
Pin all GitHub Actions referenced in generated workflows (both first-party `actions/*` and third-party) to immutable commit SHAs. Updating pinned actions is now a deliberate codegen-side bump rather than implicit on every workflow run.
1 parent 9d1c43a commit 9122bda

3 files changed

Lines changed: 6 additions & 6 deletions

File tree

.github/workflows/ci.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -22,10 +22,10 @@ jobs:
2222
if: github.event_name == 'push' || github.event.pull_request.head.repo.fork
2323

2424
steps:
25-
- uses: actions/checkout@v6
25+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
2626

2727
- name: Set up PHP
28-
uses: 'shivammathur/setup-php@v2'
28+
uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # 2.37.0
2929
with:
3030
php-version: '8.3'
3131

@@ -40,10 +40,10 @@ jobs:
4040
runs-on: ${{ github.repository == 'stainless-sdks/stagehand-php' && 'depot-ubuntu-24.04' || 'ubuntu-latest' }}
4141
if: github.event_name == 'push' || github.event.pull_request.head.repo.fork
4242
steps:
43-
- uses: actions/checkout@v6
43+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
4444

4545
- name: Set up PHP
46-
uses: 'shivammathur/setup-php@v2'
46+
uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # 2.37.0
4747
with:
4848
php-version: '8.3'
4949

.github/workflows/publish-packagist.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@ jobs:
1111
runs-on: ubuntu-latest
1212

1313
steps:
14-
- uses: actions/checkout@v6
14+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
1515

1616
- name: Publish to Packagist
1717
run: |-

.github/workflows/release-doctor.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ jobs:
1212
if: github.repository == 'browserbase/stagehand-php' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch' || startsWith(github.head_ref, 'release-please') || github.head_ref == 'next')
1313

1414
steps:
15-
- uses: actions/checkout@v6
15+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
1616

1717
- name: Check release environment
1818
run: |

0 commit comments

Comments
 (0)