@@ -20,15 +20,20 @@ jobs:
2020 env :
2121 RUSTFLAGS : " -D warnings"
2222 steps :
23- - uses : actions/checkout@v4
23+ - uses : actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
24+ with :
25+ persist-credentials : false
2426
25- - uses : dtolnay/rust-toolchain@nightly
27+ - uses : dtolnay/rust-toolchain@5b842231ba77f5c045dba54ac5560fed2db780e2 # nightly
2628 with :
29+ toolchain : nightly
2730 components : rustfmt, clippy
2831
29- - uses : dtolnay/rust-toolchain@stable
32+ - uses : dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable
33+ with :
34+ toolchain : stable
3035
31- - uses : Swatinem/rust-cache@v2
36+ - uses : Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2
3237
3338 - name : cargo build
3439 run : cargo build --workspace --all-targets --all-features
@@ -46,15 +51,21 @@ jobs:
4651 name : Codegen
4752 runs-on : ubuntu-latest
4853 steps :
49- - uses : actions/checkout@v4
54+ - uses : actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
55+ with :
56+ persist-credentials : false
5057
51- - uses : dtolnay/rust-toolchain@stable
58+ - uses : dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable
59+ with :
60+ toolchain : stable
5261
53- - uses : dtolnay/rust-toolchain@nightly
62+ - uses : dtolnay/rust-toolchain@5b842231ba77f5c045dba54ac5560fed2db780e2 # nightly
63+ with :
64+ toolchain : nightly
5465
55- - uses : Swatinem/rust-cache@v2
66+ - uses : Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2
5667
57- - uses : actions/setup-node@v4
68+ - uses : actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
5869 with :
5970 node-version : 22
6071
6576 run : ./scripts/codegen.sh
6677
6778 - name : Upload codegen output
68- uses : actions/upload-artifact@v4
79+ uses : actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
6980 with :
7081 name : codegen-output
7182 if-no-files-found : error
@@ -85,18 +96,20 @@ jobs:
8596 env :
8697 TRUAPI_REQUIRE_GENERATED : 1
8798 steps :
88- - uses : actions/checkout@v4
99+ - uses : actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
100+ with :
101+ persist-credentials : false
89102
90- - uses : actions/setup-node@v4
103+ - uses : actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
91104 with :
92105 node-version : 22
93106
94- - uses : oven-sh/setup-bun@v2
107+ - uses : oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2.2.0
95108 with :
96109 bun-version : latest
97110
98111 - name : Download codegen output
99- uses : actions/download-artifact@v4
112+ uses : actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
100113 with :
101114 name : codegen-output
102115
@@ -116,14 +129,16 @@ jobs:
116129 env :
117130 TRUAPI_REQUIRE_GENERATED : 1
118131 steps :
119- - uses : actions/checkout@v4
132+ - uses : actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
133+ with :
134+ persist-credentials : false
120135
121- - uses : actions/setup-node@v4
136+ - uses : actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
122137 with :
123138 node-version : 22
124139
125140 - name : Download codegen output
126- uses : actions/download-artifact@v4
141+ uses : actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
127142 with :
128143 name : codegen-output
129144
@@ -135,7 +150,7 @@ jobs:
135150 run : yarn install --frozen-lockfile
136151
137152 - name : Cache Next.js build
138- uses : actions/cache@v4
153+ uses : actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
139154 with :
140155 path : playground/.next/cache
141156 key : ${{ runner.os }}-nextjs-${{ hashFiles('playground/yarn.lock') }}-${{ hashFiles('playground/src/**', 'playground/scripts/**', 'playground/public/**', 'playground/next.config.js', 'playground/tsconfig.json', 'playground/package.json') }}
@@ -157,14 +172,16 @@ jobs:
157172 env :
158173 TRUAPI_REQUIRE_GENERATED : 1
159174 steps :
160- - uses : actions/checkout@v4
175+ - uses : actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
176+ with :
177+ persist-credentials : false
161178
162- - uses : actions/setup-node@v4
179+ - uses : actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
163180 with :
164181 node-version : 22
165182
166183 - name : Download codegen output
167- uses : actions/download-artifact@v4
184+ uses : actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
168185 with :
169186 name : codegen-output
170187
@@ -193,20 +210,21 @@ jobs:
193210 env :
194211 TRUAPI_REQUIRE_GENERATED : 1
195212 steps :
196- - uses : actions/checkout@v4
213+ - uses : actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
197214 with :
198215 submodules : recursive
216+ persist-credentials : false
199217
200- - uses : actions/setup-node@v4
218+ - uses : actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
201219 with :
202220 node-version : 22
203221
204- - uses : oven-sh/setup-bun@v2
222+ - uses : oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2.2.0
205223 with :
206224 bun-version : latest
207225
208226 - name : Download codegen output
209- uses : actions/download-artifact@v4
227+ uses : actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
210228 with :
211229 name : codegen-output
212230
@@ -231,7 +249,7 @@ jobs:
231249
232250 - name : Upload Playwright report
233251 if : failure()
234- uses : actions/upload-artifact@v4
252+ uses : actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
235253 with :
236254 name : playwright-report
237255 path : playground/playwright-report
0 commit comments