Skip to content

Commit 09f7657

Browse files
authored
Pin GitHub Actions by SHA (#2441)
1 parent a7201c1 commit 09f7657

7 files changed

Lines changed: 16 additions & 18 deletions

File tree

.github/workflows/codeql.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -19,14 +19,14 @@ jobs:
1919
language: [ 'actions', 'python' ]
2020
steps:
2121
- name: Checkout repository
22-
uses: actions/checkout@v4
22+
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
2323

2424
- name: Initialize CodeQL
25-
uses: github/codeql-action/init@v4
25+
uses: github/codeql-action/init@e46ed2cbd01164d986452f91f178727624ae40d7 # v4
2626
with:
2727
languages: ${{ matrix.language }}
2828

2929
- name: Perform CodeQL Analysis
30-
uses: github/codeql-action/analyze@v4
30+
uses: github/codeql-action/analyze@e46ed2cbd01164d986452f91f178727624ae40d7 # v4
3131
with:
3232
category: "/language:${{ matrix.language }}"

.github/workflows/docs.yml

Lines changed: 5 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -30,12 +30,12 @@ jobs:
3030
runs-on: ubuntu-latest
3131
steps:
3232
- name: Checkout
33-
uses: actions/checkout@v6
33+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
3434
with:
3535
fetch-depth: 0 # Fetch all history for git info
3636

3737
- name: Setup .NET
38-
uses: actions/setup-dotnet@v4
38+
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4
3939
with:
4040
dotnet-version: '8.x'
4141

@@ -48,10 +48,10 @@ jobs:
4848
docfx docfx.json
4949
5050
- name: Setup Pages
51-
uses: actions/configure-pages@v6
51+
uses: actions/configure-pages@45bfe0192ca1faeb007ade9deae92b16b8254a0d # v6
5252

5353
- name: Upload artifact
54-
uses: actions/upload-pages-artifact@v5
54+
uses: actions/upload-pages-artifact@fc324d3547104276b827a68afc52ff2a11cc49c9 # v5
5555
with:
5656
path: 'docs/_site'
5757

@@ -66,5 +66,4 @@ jobs:
6666
steps:
6767
- name: Deploy to GitHub Pages
6868
id: deployment
69-
uses: actions/deploy-pages@v5
70-
69+
uses: actions/deploy-pages@cd2ce8fcbc39b97be8ca5fce6e763baed58fa128 # v5

.github/workflows/lint.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ jobs:
1212
runs-on: ubuntu-latest
1313
steps:
1414
- name: Checkout
15-
uses: actions/checkout@v6
15+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
1616

1717
- name: Run markdownlint-cli2
1818
uses: DavidAnson/markdownlint-cli2-action@6b51ade7a9e4a75a7ad929842dd298a3804ebe8b # v23

.github/workflows/release-trigger.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ jobs:
1616
pull-requests: write
1717
steps:
1818
- name: Checkout repository
19-
uses: actions/checkout@v6
19+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
2020
with:
2121
fetch-depth: 0
2222
token: ${{ secrets.RELEASE_PAT }}

.github/workflows/release.yml

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ jobs:
1212
contents: write
1313
steps:
1414
- name: Checkout repository
15-
uses: actions/checkout@v6
15+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
1616
with:
1717
fetch-depth: 0
1818
token: ${{ secrets.GITHUB_TOKEN }}
@@ -86,4 +86,3 @@ jobs:
8686
--notes-file release_notes.md
8787
env:
8888
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
89-

.github/workflows/stale.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ jobs:
1414
stale:
1515
runs-on: ubuntu-latest
1616
steps:
17-
- uses: actions/stale@v10
17+
- uses: actions/stale@b5d41d4e1d5dceea10e7104786b73624c18a190f # v10
1818
with:
1919
# Days of inactivity before an issue or PR becomes stale
2020
days-before-stale: 150

.github/workflows/test.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -13,13 +13,13 @@ jobs:
1313
runs-on: ubuntu-latest
1414
steps:
1515
- name: Checkout
16-
uses: actions/checkout@v4
16+
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
1717

1818
- name: Install uv
1919
uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
2020

2121
- name: Set up Python
22-
uses: actions/setup-python@v6
22+
uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6
2323
with:
2424
python-version: "3.13"
2525

@@ -34,13 +34,13 @@ jobs:
3434
python-version: ["3.11", "3.12", "3.13"]
3535
steps:
3636
- name: Checkout
37-
uses: actions/checkout@v4
37+
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
3838

3939
- name: Install uv
4040
uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
4141

4242
- name: Set up Python ${{ matrix.python-version }}
43-
uses: actions/setup-python@v6
43+
uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6
4444
with:
4545
python-version: ${{ matrix.python-version }}
4646

0 commit comments

Comments
 (0)