Skip to content

Commit e3ec142

Browse files
joshuarlijoshuarli
authored
chore: pin GitHub Actions to full-length commit SHAs (#2910)
1 parent aaa5a9a commit e3ec142

13 files changed

+40
-40
lines changed

.github/workflows/build_images.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,7 @@ jobs:
3535

3636
steps:
3737
- name: Check out current commit
38-
uses: actions/checkout@v4
38+
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
3939

4040
- name: Generate short image name and extract version
4141
id: image_name
@@ -66,7 +66,7 @@ jobs:
6666
6767
- name: Build and push devcontainer image
6868
id: build
69-
uses: getsentry/action-build-and-push-images@main
69+
uses: getsentry/action-build-and-push-images@8fc75e483c09a68721f2c8951292ee17f8821766 # main
7070
with:
7171
image_name: "${{ steps.image_name.outputs.short_name }}"
7272
dockerfile_path: ".devcontainer/Dockerfile"

.github/workflows/build_release.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -9,15 +9,15 @@ jobs:
99
name: Build gems
1010
runs-on: ubuntu-latest
1111
steps:
12-
- uses: actions/checkout@v4
12+
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
1313
- name: Set up Ruby
14-
uses: ruby/setup-ruby@v1
14+
uses: ruby/setup-ruby@319994f95fa847cf3fb3cd3dbe89f6dcde9f178f # v1
1515
with:
1616
ruby-version: 3.4
1717
- name: Build gem source
1818
run: ruby .scripts/batch_build.rb
1919
- name: Archive Artifacts
20-
uses: actions/upload-artifact@v4
20+
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
2121
with:
2222
name: ${{ github.sha }}
2323
path: sentry*/*.gem

.github/workflows/codeql-analysis.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -42,11 +42,11 @@ jobs:
4242

4343
steps:
4444
- name: Checkout repository
45-
uses: actions/checkout@v4
45+
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
4646

4747
# Initializes the CodeQL tools for scanning.
4848
- name: Initialize CodeQL
49-
uses: github/codeql-action/init@v2
49+
uses: github/codeql-action/init@8dca8a82e2fa1a2c8908956f711300f9c4a4f4f6 # v2
5050
with:
5151
languages: ${{ matrix.language }}
5252
# If you wish to specify custom queries, you can do so here or in a config file.
@@ -57,7 +57,7 @@ jobs:
5757
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
5858
# If this step fails, then you should remove it and run the build manually (see below)
5959
- name: Autobuild
60-
uses: github/codeql-action/autobuild@v2
60+
uses: github/codeql-action/autobuild@8dca8a82e2fa1a2c8908956f711300f9c4a4f4f6 # v2
6161

6262
# ℹ️ Command-line programs to run using the OS shell.
6363
# 📚 https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions
@@ -71,4 +71,4 @@ jobs:
7171
# make release
7272

7373
- name: Perform CodeQL Analysis
74-
uses: github/codeql-action/analyze@v2
74+
uses: github/codeql-action/analyze@8dca8a82e2fa1a2c8908956f711300f9c4a4f4f6 # v2

.github/workflows/e2e_tests.yml

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -31,23 +31,23 @@ jobs:
3131

3232
steps:
3333
- name: Checkout code
34-
uses: actions/checkout@v4
34+
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
3535

3636
- name: Set up `.env` file
3737
run: |
3838
cd .devcontainer
3939
cp .env.example .env
4040
4141
- name: Restore rubygems cache
42-
uses: actions/cache@v3
42+
uses: actions/cache@6f8efc29b200d32929f49075959781ed54ec270c # v3
4343
with:
4444
path: vendor/gems
4545
key: ${{ runner.os }}-${{ matrix.ruby_version }}-gems-${{ hashFiles('Gemfile.lock', '*/Gemfile.lock', 'spec/apps/**/Gemfile.lock') }}
4646
restore-keys: |
4747
${{ runner.os }}-${{ matrix.ruby_version }}-gems-
4848
4949
- name: Restore node_modules cache
50-
uses: actions/cache@v3
50+
uses: actions/cache@6f8efc29b200d32929f49075959781ed54ec270c # v3
5151
with:
5252
path: spec/apps/svelte-mini/node_modules
5353
key: ${{ runner.os }}-${{ runner.arch }}-node-modules-${{ hashFiles('spec/apps/svelte-mini/package-lock.json') }}
@@ -70,15 +70,15 @@ jobs:
7070
up -d sentry-test
7171
7272
- name: "Wait for rails-mini app to be ready"
73-
uses: nev7n/wait_for_response@v1
73+
uses: nev7n/wait_for_response@81b0b0eded16435202e126beb3e704fc00430f5b # v1
7474
with:
7575
url: 'http://localhost:4000/health'
7676
responseCode: 200
7777
timeout: 90000
7878
interval: 500
7979

8080
- name: "Wait for svelte-mini app to be ready"
81-
uses: nev7n/wait_for_response@v1
81+
uses: nev7n/wait_for_response@81b0b0eded16435202e126beb3e704fc00430f5b # v1
8282
with:
8383
url: 'http://localhost:4001/health'
8484
responseCode: 200
@@ -99,7 +99,7 @@ jobs:
9999

100100
- name: Upload test artifacts
101101
if: failure()
102-
uses: actions/upload-artifact@v4
102+
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
103103
with:
104104
name: e2e-test-logs-ruby-${{ matrix.ruby_version }}
105105
path: |

.github/workflows/lint.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,9 +6,9 @@ jobs:
66
lint:
77
runs-on: ubuntu-latest
88
steps:
9-
- uses: actions/checkout@v4
9+
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
1010
- name: Set up Ruby
11-
uses: ruby/setup-ruby@v1
11+
uses: ruby/setup-ruby@319994f95fa847cf3fb3cd3dbe89f6dcde9f178f # v1
1212
with:
1313
ruby-version: "3.4"
1414
bundler-cache: true

.github/workflows/release.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@ jobs:
1919
with:
2020
app-id: ${{ vars.SENTRY_RELEASE_BOT_CLIENT_ID }}
2121
private-key: ${{ secrets.SENTRY_RELEASE_BOT_PRIVATE_KEY }}
22-
- uses: actions/checkout@v4
22+
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
2323
with:
2424
token: ${{ steps.token.outputs.token }}
2525
fetch-depth: 0

.github/workflows/sentry_delayed_job_test.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -44,7 +44,7 @@ jobs:
4444
- { ruby_version: "head" }
4545
- { ruby_version: 'jruby-head' }
4646
steps:
47-
- uses: actions/checkout@v4
47+
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
4848
- name: Install sqlite
4949
run: |
5050
# See https://github.community/t5/GitHub-Actions/ubuntu-latest-Apt-repository-list-issues/td-p/41122/page/2
@@ -53,7 +53,7 @@ jobs:
5353
sudo apt-get install libsqlite3-dev
5454
5555
- name: Set up Ruby ${{ matrix.ruby_version }}
56-
uses: ruby/setup-ruby@v1
56+
uses: ruby/setup-ruby@319994f95fa847cf3fb3cd3dbe89f6dcde9f178f # v1
5757
with:
5858
ruby-version: ${{ matrix.ruby_version }}
5959
bundler-cache: true
@@ -62,6 +62,6 @@ jobs:
6262
run: bundle exec rake
6363

6464
- name: Upload Coverage
65-
uses: codecov/codecov-action@v5
65+
uses: codecov/codecov-action@1af58845a975a7985b0beb0cbe6fbbb71a41dbad # v5
6666
with:
6767
token: ${{ secrets.CODECOV_TOKEN }}

.github/workflows/sentry_opentelemetry_test.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -42,10 +42,10 @@ jobs:
4242
exclude:
4343
- { ruby_version: 'jruby-head' }
4444
steps:
45-
- uses: actions/checkout@v4
45+
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
4646

4747
- name: Set up Ruby ${{ matrix.ruby_version }}
48-
uses: ruby/setup-ruby@v1
48+
uses: ruby/setup-ruby@319994f95fa847cf3fb3cd3dbe89f6dcde9f178f # v1
4949
with:
5050
ruby-version: ${{ matrix.ruby_version }}
5151
bundler-cache: true
@@ -54,6 +54,6 @@ jobs:
5454
run: bundle exec rake
5555

5656
- name: Upload Coverage
57-
uses: codecov/codecov-action@v5
57+
uses: codecov/codecov-action@1af58845a975a7985b0beb0cbe6fbbb71a41dbad # v5
5858
with:
5959
token: ${{ secrets.CODECOV_TOKEN }}

.github/workflows/sentry_rails_test.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -69,15 +69,15 @@ jobs:
6969
rails_version: "7.0.0"
7070

7171
steps:
72-
- uses: actions/checkout@v4
72+
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
7373
- name: Install sqlite and ImageMagick
7474
run: |
7575
# See https://github.community/t5/GitHub-Actions/ubuntu-latest-Apt-repository-list-issues/td-p/41122/page/2
7676
for apt_file in `grep -lr microsoft /etc/apt/sources.list.d/`; do sudo rm $apt_file; done
7777
sudo apt-get update
7878
sudo apt-get install libsqlite3-dev imagemagick
7979
- name: Set up Ruby ${{ matrix.ruby_version }}
80-
uses: ruby/setup-ruby@v1
80+
uses: ruby/setup-ruby@319994f95fa847cf3fb3cd3dbe89f6dcde9f178f # v1
8181
with:
8282
ruby-version: ${{ matrix.ruby_version }}
8383
bundler-cache: true
@@ -86,6 +86,6 @@ jobs:
8686
run: bundle exec rake
8787

8888
- name: Upload Coverage
89-
uses: codecov/codecov-action@v5
89+
uses: codecov/codecov-action@1af58845a975a7985b0beb0cbe6fbbb71a41dbad # v5
9090
with:
9191
token: ${{ secrets.CODECOV_TOKEN }}

.github/workflows/sentry_resque_test.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -41,15 +41,15 @@ jobs:
4141
- ruby_version: 'jruby'
4242
- ruby_version: 'jruby-head'
4343
steps:
44-
- uses: actions/checkout@v4
44+
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
4545
- name: Set up Ruby ${{ matrix.ruby_version }}
46-
uses: ruby/setup-ruby@v1
46+
uses: ruby/setup-ruby@319994f95fa847cf3fb3cd3dbe89f6dcde9f178f # v1
4747
with:
4848
ruby-version: ${{ matrix.ruby_version }}
4949
bundler-cache: true
5050

5151
- name: Start Redis
52-
uses: supercharge/redis-github-action@1.8.1
52+
uses: supercharge/redis-github-action@105b02b0ae87d7c6a8bb8debaf94b553a593327b # 1.8.1
5353
with:
5454
redis-version: 5
5555

@@ -64,6 +64,6 @@ jobs:
6464
run: bundle exec rake
6565

6666
- name: Upload Coverage
67-
uses: codecov/codecov-action@v5
67+
uses: codecov/codecov-action@1af58845a975a7985b0beb0cbe6fbbb71a41dbad # v5
6868
with:
6969
token: ${{ secrets.CODECOV_TOKEN }}

0 commit comments

Comments
 (0)