diff --git a/.github/workflows/auto-assign.yml b/.github/workflows/auto-assign.yml index 6a29b1e..09f3114 100644 --- a/.github/workflows/auto-assign.yml +++ b/.github/workflows/auto-assign.yml @@ -15,7 +15,7 @@ jobs: steps: - name: 'Auto-assign issue' - uses: pozil/auto-assign-issue@v1 + uses: pozil/auto-assign-issue@d11e715efc663fe323c3d8d4d3cbbfdddd539baf # v1 with: repo-token: ${{ secrets.GITHUB_TOKEN }} assignees: fadedDexofan diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 248550c..686c59e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -37,14 +37,14 @@ jobs: GITHUB_ACTIONS_AUTHOR_EMAIL: actions@users.noreply.github.com steps: - - uses: actions/create-github-app-token@v1 + - uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1 id: app-token with: app-id: ${{ vars.VERSION_BUMPER_APPID }} private-key: ${{ secrets.VERSION_BUMPER_SECRET }} - name: Setup | Checkout Repository at workflow sha - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: fetch-depth: 0 ref: ${{ github.sha }} @@ -55,7 +55,7 @@ jobs: git checkout -B ${{ github.ref_name }} - name: Setup | Download Build Artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 id: artifact-download with: name: ${{ needs.validate.outputs.distribution-artifacts }} @@ -63,14 +63,14 @@ jobs: - name: Release | Python Semantic Release id: release - uses: python-semantic-release/python-semantic-release@v9.15.2 + uses: python-semantic-release/python-semantic-release@7b3f71697ccfbaef884e1e754b6364e974b134cf # v9.15.2 with: github_token: ${{ secrets.GITHUB_TOKEN }} git_committer_name: "github-actions" git_committer_email: "actions@users.noreply.github.com" - name: Release | Add distribution artifacts to GitHub Release Assets - uses: python-semantic-release/publish-action@v9.15.2 + uses: python-semantic-release/publish-action@b9c41d4b0754dee5a6c7188d42b33f66e3a8aafd # v9.15.2 with: github_token: ${{ secrets.GITHUB_TOKEN }} tag: ${{ steps.release.outputs.tag }} @@ -122,7 +122,7 @@ jobs: # the branch was updated. To keep PSR working with the configured release branches, # we force a checkout of the desired release branch but at the workflow sha HEAD. - name: Setup | Checkout Repository at workflow sha - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: fetch-depth: 1 ref: ${{ github.sha }} @@ -132,7 +132,7 @@ jobs: git checkout -B ${{ github.ref_name }} - name: Setup | Download Build Artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 id: artifact-download with: name: ${{ needs.validate.outputs.distribution-artifacts }} diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 023ef04..570b86e 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -30,7 +30,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Setup | Checkout Repository at workflow sha - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: ref: ${{ github.sha }} fetch-depth: 0 @@ -40,12 +40,12 @@ jobs: git checkout -B ${{ github.ref_name }} - name: Setup | Install Python ${{ env.COMMON_PYTHON_VERSION }} - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5 with: python-version: ${{ env.COMMON_PYTHON_VERSION }} - name: Setup | Install UV - uses: astral-sh/setup-uv@v4 + uses: astral-sh/setup-uv@38f3f104447c67c051c4a08e39b64a148898af3a # v4 with: enable-cache: true @@ -65,7 +65,7 @@ jobs: printf '%s\n' "artifacts_name=dist" >> $GITHUB_OUTPUT - name: Upload | Distribution Artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4 with: name: ${{ steps.build.outputs.artifacts_name }} path: ${{ steps.build.outputs.dist_dir }} @@ -82,13 +82,13 @@ jobs: steps: - name: Setup | Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: ref: ${{ github.sha }} fetch-depth: 0 - name: Setup | Install Python ${{ env.COMMON_PYTHON_VERSION }} - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5 with: python-version: ${{ env.COMMON_PYTHON_VERSION }} @@ -99,7 +99,7 @@ jobs: repo-token: ${{ secrets.GITHUB_TOKEN }} - name: Setup | Install UV - uses: astral-sh/setup-uv@v4 + uses: astral-sh/setup-uv@38f3f104447c67c051c4a08e39b64a148898af3a # v4 with: enable-cache: true @@ -144,13 +144,13 @@ jobs: steps: - name: Setup | Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: ref: ${{ github.sha }} fetch-depth: 1 - name: Setup | Install Python ${{ matrix.python-version }} - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5 with: python-version: ${{ matrix.python-version }} @@ -161,7 +161,7 @@ jobs: repo-token: ${{ secrets.GITHUB_TOKEN }} - name: Setup | Install UV - uses: astral-sh/setup-uv@v4 + uses: astral-sh/setup-uv@38f3f104447c67c051c4a08e39b64a148898af3a # v4 with: enable-cache: true @@ -175,7 +175,7 @@ jobs: run: task test:all -- --junit-xml=tests/reports/pytest-results.xml - name: Report | Upload Test Results - uses: mikepenz/action-junit-report@v5.2.0 + uses: mikepenz/action-junit-report@62516aa379bff6370c95fd5894d5a27fb6619d9b # v5.2.0 if: ${{ always() && steps.tests.outcome != 'skipped' }} with: report_paths: ./tests/reports/*.xml