diff --git a/.github/workflows/bandit.yml b/.github/workflows/bandit.yml index 1cef1f3..3463dc4 100644 --- a/.github/workflows/bandit.yml +++ b/.github/workflows/bandit.yml @@ -33,7 +33,7 @@ jobs: python-version: '3.x' allow-prereleases: true - name: Install uv - uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 + uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 with: enable-cache: false - name: Install Just @@ -53,6 +53,6 @@ jobs: - name: Upload to code-scanning if: ${{ always() }} - uses: github/codeql-action/upload-sarif@0d579ffd059c29b07949a3cce3983f0780820c98 + uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 with: sarif_file: bandit.sarif diff --git a/.github/workflows/debug.yml b/.github/workflows/debug.yml index 7ed68e3..127813e 100644 --- a/.github/workflows/debug.yml +++ b/.github/workflows/debug.yml @@ -37,7 +37,7 @@ jobs: with: python-version: ${{ github.event.inputs.python-version }} - name: Install uv - uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 + uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 with: enable-cache: false - name: Install Just diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 2872efb..396288d 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -66,7 +66,7 @@ jobs: python-version: ${{ matrix.python-version }} allow-prereleases: true - name: Install uv - uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 + uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 with: enable-cache: false - name: Install Just diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 22de058..c4b94cf 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -48,7 +48,7 @@ jobs: with: python-version: "3.14" # for tomlib - name: Install uv - uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 + uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 with: enable-cache: false restore-cache: false @@ -105,7 +105,7 @@ jobs: id-token: write # IMPORTANT: mandatory for trusted publishing steps: - name: Download all the dists - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c with: name: python-package-distributions path: dist/ @@ -125,12 +125,12 @@ jobs: steps: - name: Download all the dists - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c with: name: python-package-distributions path: dist/ - name: Sign the dists with Sigstore - uses: sigstore/gh-action-sigstore-python@a5caf349bc536fbef3668a10ed7f5cd309a4b53d + uses: sigstore/gh-action-sigstore-python@04cffa1d795717b140764e8b640de88853c92acc with: inputs: >- ./dist/*.tar.gz @@ -174,7 +174,7 @@ jobs: steps: - name: Download all the dists - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c with: name: python-package-distributions path: dist/ diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index acc7519..f1fc06f 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -58,6 +58,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e + uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 with: sarif_file: results.sarif diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 278cc51..bdd2ef8 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -130,7 +130,7 @@ jobs: python-version: ${{ matrix.python-version }} allow-prereleases: true - name: Install uv - uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 + uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 with: enable-cache: false - name: Setup Just @@ -154,7 +154,7 @@ jobs: name: ${{ env.COVERAGE_FILE }} path: ${{ env.COVERAGE_FILE }} - name: Store env files - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f with: name: requirements-${{ env.COVERAGE_FILE }}.txt path: requirements-test*.txt @@ -210,7 +210,7 @@ jobs: python-version: ${{ matrix.python-version }} allow-prereleases: true - name: Install uv - uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 + uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 with: enable-cache: false - name: Setup Just @@ -234,7 +234,7 @@ jobs: name: ${{ env.COVERAGE_FILE }} path: ${{ env.COVERAGE_FILE }} - name: Store env files - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f with: name: requirements-${{ env.COVERAGE_FILE }}.txt path: requirements-test*.txt @@ -332,7 +332,7 @@ jobs: uses: mxschmitt/action-tmate@c0afd6f790e3a5564914980036ebf83216678101 timeout-minutes: 60 - name: Install uv - uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 + uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 with: enable-cache: false - name: Setup Just @@ -348,7 +348,7 @@ jobs: name: ${{ env.COVERAGE_FILE }} path: ${{ env.COVERAGE_FILE }} - name: Store env files - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f with: name: requirements-${{ env.COVERAGE_FILE }}.txt path: requirements-test*.txt @@ -455,7 +455,7 @@ jobs: uses: mxschmitt/action-tmate@c0afd6f790e3a5564914980036ebf83216678101 timeout-minutes: 60 - name: Install uv - uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 + uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 with: enable-cache: false - name: Setup Just @@ -471,7 +471,7 @@ jobs: name: ${{ env.COVERAGE_FILE }} path: ${{ env.COVERAGE_FILE }} - name: Store env files - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f with: name: requirements-${{ env.COVERAGE_FILE }}.txt path: requirements-test*.txt @@ -571,7 +571,7 @@ jobs: uses: mxschmitt/action-tmate@c0afd6f790e3a5564914980036ebf83216678101 timeout-minutes: 60 - name: Install uv - uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 + uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 with: enable-cache: false - name: Setup Just @@ -606,7 +606,7 @@ jobs: name: ${{ env.COVERAGE_FILE }} path: ${{ env.COVERAGE_FILE }} - name: Store env files - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f with: name: requirements-${{ env.COVERAGE_FILE }}.txt path: requirements-test*.txt @@ -662,14 +662,14 @@ jobs: python-version: ${{ matrix.python-version }} allow-prereleases: true - name: Install uv - uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 + uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 with: enable-cache: false - name: Setup Just uses: extractions/setup-just@f8a3cce218d9f83db3a2ecd90e41ac3de6cdfd9b - name: install-vim-windows if: ${{ github.event.inputs.debug == 'true' }} - uses: rhysd/action-setup-vim@19e3dd31a84dbc2c5445d65e9b363f616cab96c1 + uses: rhysd/action-setup-vim@febef33995d6649302e9d88dda81e071b68f16a7 - name: Setup tmate session if: ${{ github.event.inputs.debug == 'true' }} uses: mxschmitt/action-tmate@c0afd6f790e3a5564914980036ebf83216678101 @@ -686,7 +686,7 @@ jobs: name: ${{ env.COVERAGE_FILE }} path: ${{ env.COVERAGE_FILE }} - name: Store env files - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f with: name: requirements-${{ env.COVERAGE_FILE }}.txt path: requirements-test*.txt @@ -742,7 +742,7 @@ jobs: python-version: ${{ matrix.python-version }} allow-prereleases: true - name: Install uv - uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 + uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 with: enable-cache: false - name: Setup Just @@ -766,7 +766,7 @@ jobs: name: ${{ env.COVERAGE_FILE }} path: ${{ env.COVERAGE_FILE }} - name: Store env files - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f with: name: requirements-${{ env.COVERAGE_FILE }}.txt path: requirements-test*.txt @@ -791,13 +791,13 @@ jobs: with: python-version: '3.12' - name: Install uv - uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 + uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 with: enable-cache: false - name: Setup Just uses: extractions/setup-just@f8a3cce218d9f83db3a2ecd90e41ac3de6cdfd9b - name: Get coverage files - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c with: pattern: "*.coverage" merge-multiple: true @@ -805,7 +805,7 @@ jobs: - run: just coverage - name: Upload coverage to Codecov - uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de + uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 with: token: ${{ secrets.CODECOV_TOKEN }} files: diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml index 8166f04..6f72e1e 100644 --- a/.github/workflows/zizmor.yml +++ b/.github/workflows/zizmor.yml @@ -29,7 +29,7 @@ jobs: persist-credentials: false - name: Set up Rust - uses: actions-rust-lang/setup-rust-toolchain@a0b538fa0b742a6aa35d6e2c169b4bd06d225a98 + uses: actions-rust-lang/setup-rust-toolchain@150fca883cd4034361b621bd4e6a9d34e5143606 - name: Install jq run: | sudo apt-get update @@ -50,7 +50,7 @@ jobs: retention-days: 7 - name: Upload to code-scanning - uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e + uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 with: sarif_file: results.sarif