diff --git a/.github/workflows/build_1.x.yml b/.github/workflows/build_1.x.yml index 817aee7ec..8b19d80fa 100644 --- a/.github/workflows/build_1.x.yml +++ b/.github/workflows/build_1.x.yml @@ -17,12 +17,12 @@ jobs: name: Build runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + - uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4 with: distribution: 'zulu' java-version: '17' - - uses: gradle/actions/setup-gradle@v4 + - uses: gradle/actions/setup-gradle@ed408507eac070d1f99cc633dbcf757c94c7933a # v4 with: cache-read-only: ${{ env.MAIN_BRANCH != 'true' }} - name: Build @@ -42,19 +42,19 @@ jobs: ORG_GRADLE_PROJECT_signingInMemoryKey: ${{ secrets.SIGNING_KEY }} ORG_GRADLE_PROJECT_signingInMemoryKeyPassword: ${{ secrets.SIGNING_PASSWORD }} run: ./gradlew publishAllPublicationsToMavenCentralRepository -Psnapshot=true - - uses: github/codeql-action/upload-sarif@v3 + - uses: github/codeql-action/upload-sarif@5c8a8a642e79153f5d047b10ec1cba1d1cc65699 # v3 if: success() || failure() with: sarif_file: build/lint-merged.sarif category: lint - - uses: github/codeql-action/upload-sarif@v3 + - uses: github/codeql-action/upload-sarif@5c8a8a642e79153f5d047b10ec1cba1d1cc65699 # v3 if: success() || failure() with: sarif_file: build/detekt-merged.sarif category: detekt - name: Upload failure artifacts if: failure() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 with: name: reports path: | @@ -66,12 +66,12 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 30 steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + - uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4 with: distribution: 'zulu' java-version: '17' - - uses: gradle/actions/setup-gradle@v4 + - uses: gradle/actions/setup-gradle@ed408507eac070d1f99cc633dbcf757c94c7933a # v4 with: cache-read-only: ${{ env.MAIN_BRANCH != 'true' }} - name: Pre build sources before launching emulator @@ -83,7 +83,7 @@ jobs: sudo udevadm trigger --name-match=kvm # Do not cache the emulator because it causes https://github.com/ReactiveCircus/android-emulator-runner/issues/385 - name: Instrumentation tests - uses: reactivecircus/android-emulator-runner@v2 + uses: reactivecircus/android-emulator-runner@e89f39f1abbbd05b1113a29cf4db69e7540cae5a # v2 with: # Use API 29 https://github.com/ReactiveCircus/android-emulator-runner/issues/222 # Use API 28 https://github.com/ReactiveCircus/android-emulator-runner/issues/373 @@ -97,7 +97,7 @@ jobs: ./gradlew connectedCheck - name: Upload failed instrumentation artifacts if: failure() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 with: name: instrumentation-failures path: | diff --git a/.github/workflows/build_2.x.yml b/.github/workflows/build_2.x.yml index 30269c8b7..7812ef001 100644 --- a/.github/workflows/build_2.x.yml +++ b/.github/workflows/build_2.x.yml @@ -17,12 +17,12 @@ jobs: name: Build runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + - uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4 with: distribution: 'zulu' java-version: '17' - - uses: gradle/actions/setup-gradle@v4 + - uses: gradle/actions/setup-gradle@ed408507eac070d1f99cc633dbcf757c94c7933a # v4 with: cache-read-only: ${{ env.MAIN_BRANCH != 'true' }} - name: Build @@ -42,19 +42,19 @@ jobs: ORG_GRADLE_PROJECT_signingInMemoryKey: ${{ secrets.SIGNING_KEY }} ORG_GRADLE_PROJECT_signingInMemoryKeyPassword: ${{ secrets.SIGNING_PASSWORD }} run: ./gradlew publishAllPublicationsToMavenCentralRepository -Psnapshot=true - - uses: github/codeql-action/upload-sarif@v3 + - uses: github/codeql-action/upload-sarif@5c8a8a642e79153f5d047b10ec1cba1d1cc65699 # v3 if: success() || failure() with: sarif_file: build/lint-merged.sarif category: lint - - uses: github/codeql-action/upload-sarif@v3 + - uses: github/codeql-action/upload-sarif@5c8a8a642e79153f5d047b10ec1cba1d1cc65699 # v3 if: success() || failure() with: sarif_file: build/detekt-merged.sarif category: detekt - name: Upload failure artifacts if: failure() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 with: name: reports path: | @@ -65,12 +65,12 @@ jobs: name: Publication verification runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + - uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4 with: distribution: 'zulu' java-version: '17' - - uses: gradle/actions/setup-gradle@v4 + - uses: gradle/actions/setup-gradle@ed408507eac070d1f99cc633dbcf757c94c7933a # v4 with: cache-read-only: ${{ env.MAIN_BRANCH != 'true' }} - name: Check publication setup @@ -88,16 +88,16 @@ jobs: runs-on: macOS-latest timeout-minutes: 60 steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + - uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4 with: distribution: 'zulu' java-version: '17' - - uses: gradle/actions/setup-gradle@v4 + - uses: gradle/actions/setup-gradle@ed408507eac070d1f99cc633dbcf757c94c7933a # v4 with: cache-read-only: ${{ env.MAIN_BRANCH != 'true' }} - name: Setup Android SDK - uses: android-actions/setup-android@v3 + uses: android-actions/setup-android@9fc6c4e9069bf8d3d10b2204b1fb8f6ef7065407 # v3 - name: Package Debug Android Test # Flags from https://github.com/android/nowinandroid/blob/main/.github/workflows/Build.yaml run: ./gradlew packageDebugAndroidTest @@ -113,7 +113,7 @@ jobs: -Dorg.gradle.jvmargs=-Xmx2048m - name: Upload failed instrumentation artifacts if: failure() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 with: name: instrumentation-failures path: | @@ -125,16 +125,16 @@ jobs: runs-on: macOS-latest timeout-minutes: 60 steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + - uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4 with: distribution: 'zulu' java-version: '17' - - uses: gradle/actions/setup-gradle@v4 + - uses: gradle/actions/setup-gradle@ed408507eac070d1f99cc633dbcf757c94c7933a # v4 with: cache-read-only: ${{ env.MAIN_BRANCH != 'true' }} - name: Setup Android SDK - uses: android-actions/setup-android@v3 + uses: android-actions/setup-android@9fc6c4e9069bf8d3d10b2204b1fb8f6ef7065407 # v3 - name: Screenshot tests # Flags from https://github.com/android/nowinandroid/blob/main/.github/workflows/Build.yaml run: > @@ -146,7 +146,7 @@ jobs: -Pandroid.experimental.testOptions.managedDevices.emulator.showKernelLogging=true - name: Upload failed screenshot artifacts if: failure() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 with: name: screenshot-failures path: | diff --git a/.github/workflows/check_documentation.yml b/.github/workflows/check_documentation.yml index 029bd28f8..1cb2a0b4a 100644 --- a/.github/workflows/check_documentation.yml +++ b/.github/workflows/check_documentation.yml @@ -11,17 +11,17 @@ jobs: name: Check documentation runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + - uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4 with: distribution: 'zulu' java-version: '17' - - uses: gradle/actions/setup-gradle@v4 + - uses: gradle/actions/setup-gradle@ed408507eac070d1f99cc633dbcf757c94c7933a # v4 with: cache-read-only: true - name: Generate distributions run: ./gradlew wasmJsBrowserDistributionMkdocs --continue - - uses: actions/setup-python@v5 + - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: '3.x' - run: pip install mkdocs-material diff --git a/.github/workflows/documentation.yml b/.github/workflows/documentation.yml index dd9580b9b..729695450 100644 --- a/.github/workflows/documentation.yml +++ b/.github/workflows/documentation.yml @@ -11,15 +11,15 @@ jobs: name: Deploy runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: actions/setup-python@v5 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: '3.x' - - uses: actions/setup-java@v4 + - uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4 with: distribution: 'zulu' java-version: '17' - - uses: gradle/actions/setup-gradle@v4 + - uses: gradle/actions/setup-gradle@ed408507eac070d1f99cc633dbcf757c94c7933a # v4 with: cache-read-only: true - run: pip install mkdocs-material diff --git a/.github/workflows/post_merge.yml b/.github/workflows/post_merge.yml index 199a94973..660cde56f 100644 --- a/.github/workflows/post_merge.yml +++ b/.github/workflows/post_merge.yml @@ -11,18 +11,18 @@ jobs: name: Build sample app runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + - uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4 with: distribution: 'zulu' java-version: '17' - - uses: gradle/actions/setup-gradle@v4 + - uses: gradle/actions/setup-gradle@ed408507eac070d1f99cc633dbcf757c94c7933a # v4 with: cache-read-only: true - name: Build run: ./gradlew :samples:app:assembleRelease - name: Upload sample app apk - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 with: name: sample-app path: samples/app/build/outputs/apk/release/app-release.apk diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f436b7ab3..989c84881 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -10,12 +10,12 @@ jobs: name: Publish runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + - uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4 with: distribution: 'zulu' java-version: '17' - - uses: gradle/actions/setup-gradle@v4 + - uses: gradle/actions/setup-gradle@ed408507eac070d1f99cc633dbcf757c94c7933a # v4 with: cache-read-only: true - name: Build & publish