diff --git a/.github/workflows/codacy-analysis.yml b/.github/workflows/codacy-analysis.yml index e02d33e2..2bba979f 100644 --- a/.github/workflows/codacy-analysis.yml +++ b/.github/workflows/codacy-analysis.yml @@ -29,12 +29,12 @@ jobs: steps: # Checkout the repository to the GitHub Actions runner - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis - name: Run Codacy Analysis CLI continue-on-error: true - uses: codacy/codacy-analysis-cli-action@v4.4.5 + uses: codacy/codacy-analysis-cli-action@97bf5df3c09e75f5bcd72695998f96ebd701846e # v4.4.5 with: # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository # You can also omit the token and run the tools that support default configurations @@ -51,6 +51,6 @@ jobs: # Upload the SARIF file generated in the previous step - name: Upload SARIF results file continue-on-error: true - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@5f8171a638ada777af81d42b55959a643bb29017 # v3.28.12 with: sarif_file: results.sarif diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 3de65469..588987e0 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -43,11 +43,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@5f8171a638ada777af81d42b55959a643bb29017 # v3.28.12 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -61,7 +61,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v3 + uses: github/codeql-action/autobuild@5f8171a638ada777af81d42b55959a643bb29017 # v3.28.12 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -74,6 +74,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@5f8171a638ada777af81d42b55959a643bb29017 # v3.28.12 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/issue-comment-job-example.yml b/.github/workflows/issue-comment-job-example.yml index 452d1df1..d68bf88d 100644 --- a/.github/workflows/issue-comment-job-example.yml +++ b/.github/workflows/issue-comment-job-example.yml @@ -19,7 +19,7 @@ jobs: NUMBER: ${{ github.event.issue.number }} - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: submodules: true fetch-depth: 0 @@ -104,7 +104,7 @@ jobs: NUMBER: ${{ github.event.issue.number }} - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: submodules: true fetch-depth: 0 diff --git a/.github/workflows/manual-triggered-job-example.yml b/.github/workflows/manual-triggered-job-example.yml index a4bd8114..03c0a957 100644 --- a/.github/workflows/manual-triggered-job-example.yml +++ b/.github/workflows/manual-triggered-job-example.yml @@ -18,7 +18,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: submodules: true fetch-depth: 0 diff --git a/.github/workflows/matrix-example.yml b/.github/workflows/matrix-example.yml index 7d0e06e6..2092dece 100644 --- a/.github/workflows/matrix-example.yml +++ b/.github/workflows/matrix-example.yml @@ -17,7 +17,7 @@ jobs: matrix: ${{ steps.changed-files.outputs.all_changed_files }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - name: Get changed files @@ -39,7 +39,7 @@ jobs: fail-fast: false steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Test run: | echo ${{ matrix.files }} diff --git a/.github/workflows/multi-job-example.yml b/.github/workflows/multi-job-example.yml index ad53c81b..aecc65eb 100644 --- a/.github/workflows/multi-job-example.yml +++ b/.github/workflows/multi-job-example.yml @@ -19,7 +19,7 @@ jobs: all_changed_files: ${{ steps.changed-files.outputs.all_changed_files }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - name: Get changed files @@ -45,7 +45,7 @@ jobs: all_changed_files: ${{ steps.changed-files.outputs.all_changed_files }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - name: Get changed files diff --git a/.github/workflows/sync-release-version.yml b/.github/workflows/sync-release-version.yml index 3340b39f..8ee2b588 100644 --- a/.github/workflows/sync-release-version.yml +++ b/.github/workflows/sync-release-version.yml @@ -13,13 +13,13 @@ jobs: update-version: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - name: Run release-tagger - uses: tj-actions/release-tagger@v4 + uses: tj-actions/release-tagger@1a9264b0fd99a1ef92c4fd2f077f292900cc79b6 # v4.0.0 - name: Sync release version. - uses: tj-actions/sync-release-version@v13 + uses: tj-actions/sync-release-version@2c909a7cf69905388d998101c40edb26d0882ea2 # v13.12 id: sync-release-version with: pattern: '${{ github.repository }}@' @@ -28,7 +28,7 @@ jobs: paths: | README.md - name: Sync release package version. - uses: tj-actions/sync-release-version@v13 + uses: tj-actions/sync-release-version@2c909a7cf69905388d998101c40edb26d0882ea2 # v13.12 id: sync-release-package-version with: pattern: '"version": "' @@ -36,9 +36,9 @@ jobs: paths: | package.json - name: Run git-cliff - uses: tj-actions/git-cliff@v1 + uses: tj-actions/git-cliff@75599f745633e29f99bd9e14a30865b7d2fcbe84 # v1.5.0 - name: Create Pull Request - uses: peter-evans/create-pull-request@v7.0.8 + uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8 with: base: "main" labels: "merge when passing" diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 7ffe2251..9aca0e2d 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -38,14 +38,14 @@ jobs: contents: write pull-requests: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false fetch-depth: 0 repository: ${{ github.event.pull_request.head.repo.full_name }} - name: Use Node.js 20.x - uses: actions/setup-node@v4.3.0 + uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4.3.0 with: cache: 'yarn' node-version: '20.x' @@ -60,7 +60,7 @@ jobs: yarn install - name: Run eslint on changed files - uses: tj-actions/eslint-changed-files@v25 + uses: tj-actions/eslint-changed-files@0cfcd35949a961d13e964a7c2a4971c0e89b68fc # v25.3.1 if: github.event_name == 'pull_request' with: token: ${{ secrets.PAT_TOKEN }} @@ -74,7 +74,7 @@ jobs: GITHUB_EVENT_PULL_REQUEST_HEAD_REPO_FORK: ${{ github.event.pull_request.head.repo.fork }} - name: Verify Changed files - uses: tj-actions/verify-changed-files@v20 + uses: tj-actions/verify-changed-files@6ed7632824d235029086612d4330d659005af687 # v20.0.1 if: github.actor != 'dependabot[bot]' id: changed_files with: @@ -98,13 +98,13 @@ jobs: branch: ${{ github.head_ref }} - name: Upload build assets - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: build-assets path: dist - name: Run codacy-coverage-reporter - uses: codacy/codacy-coverage-reporter-action@v1 + uses: codacy/codacy-coverage-reporter-action@89d6c85cfafaec52c72b6c5e8b2878d33104c699 # v1.3.0 continue-on-error: true with: project-token: ${{ secrets.CODACY_PROJECT_TOKEN }} @@ -119,7 +119,7 @@ jobs: contents: read steps: - name: Checkout into dir1 - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: repository: ${{ github.event.pull_request.head.repo.full_name }} submodules: true @@ -127,7 +127,7 @@ jobs: path: dir1 - name: Download build assets - uses: actions/download-artifact@v4 + uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1 with: name: build-assets path: dir1/dist @@ -153,13 +153,13 @@ jobs: bash - name: Download build assets - uses: actions/download-artifact@v4 + uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1 with: name: build-assets path: dir2/dist - name: Checkout into dir2 - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: repository: ${{ github.event.pull_request.head.repo.full_name }} submodules: true @@ -195,13 +195,13 @@ jobs: contents: read steps: - name: Checkout branch - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: repository: ${{ github.event.pull_request.head.repo.full_name }} fetch-depth: 0 - name: Download build assets - uses: actions/download-artifact@v4 + uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1 with: name: build-assets @@ -255,13 +255,13 @@ jobs: steps: - name: Checkout branch - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: repository: ${{ github.event.pull_request.head.repo.full_name }} fetch-depth: 0 - name: Download build assets - uses: actions/download-artifact@v4 + uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1 with: name: build-assets @@ -299,13 +299,13 @@ jobs: steps: - name: Checkout branch - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: repository: ${{ github.event.pull_request.head.repo.full_name }} fetch-depth: 0 - name: Download build assets - uses: actions/download-artifact@v4 + uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1 with: name: build-assets @@ -338,13 +338,13 @@ jobs: steps: - name: Checkout branch - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: repository: ${{ github.event.pull_request.head.repo.full_name }} fetch-depth: ${{ matrix.fetch-depth }} - name: Download build assets - uses: actions/download-artifact@v4 + uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1 with: name: build-assets @@ -372,12 +372,12 @@ jobs: steps: - name: Checkout branch - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ github.event.pull_request.head.sha }} - name: Download build assets - uses: actions/download-artifact@v4 + uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1 with: name: build-assets @@ -406,14 +406,14 @@ jobs: steps: - name: Checkout branch - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: ${{ matrix.fetch-depth }} persist-credentials: false repository: ${{ github.event.pull_request.head.repo.full_name }} - name: Download build assets - uses: actions/download-artifact@v4 + uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1 with: name: build-assets @@ -436,10 +436,10 @@ jobs: contents: read steps: - name: Checkout branch - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Download build assets - uses: actions/download-artifact@v4 + uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1 with: name: build-assets @@ -491,10 +491,10 @@ jobs: contents: read steps: - name: Checkout branch - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Download build assets - uses: actions/download-artifact@v4 + uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1 with: name: build-assets @@ -546,7 +546,7 @@ jobs: pull-requests: read steps: - name: Checkout into dir1 - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: repository: ${{ github.event.pull_request.head.repo.full_name }} submodules: true @@ -554,7 +554,7 @@ jobs: path: dir1 - name: Download build assets - uses: actions/download-artifact@v4 + uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1 with: name: build-assets path: dir1/dist @@ -578,14 +578,14 @@ jobs: contents: read steps: - name: Checkout branch - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: repository: ${{ github.event.pull_request.head.repo.full_name }} submodules: true fetch-depth: 0 - name: Download build assets - uses: actions/download-artifact@v4 + uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1 with: name: build-assets path: dist @@ -615,7 +615,7 @@ jobs: contents: read steps: - name: Checkout into dir1 - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: repository: ${{ github.event.pull_request.head.repo.full_name }} submodules: true @@ -623,7 +623,7 @@ jobs: path: dir1 - name: Download build assets - uses: actions/download-artifact@v4 + uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1 with: name: build-assets path: dir1/dist @@ -654,14 +654,14 @@ jobs: steps: - name: Checkout branch - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ github.event.pull_request.head.sha || github.sha }} submodules: recursive fetch-depth: ${{ matrix.fetch-depth }} - name: Download build assets - uses: actions/download-artifact@v4 + uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1 with: name: build-assets @@ -720,14 +720,14 @@ jobs: steps: - name: Checkout branch - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ github.event.pull_request.head.sha || github.sha }} submodules: recursive fetch-depth: ${{ matrix.fetch-depth }} - name: Download build assets - uses: actions/download-artifact@v4 + uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1 with: name: build-assets @@ -815,14 +815,14 @@ jobs: steps: - name: Checkout branch - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ github.event.pull_request.head.sha || github.sha }} submodules: recursive fetch-depth: ${{ matrix.fetch-depth }} - name: Download build assets - uses: actions/download-artifact@v4 + uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1 with: name: build-assets @@ -1001,7 +1001,7 @@ jobs: contents: read steps: - name: Checkout branch - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: a52f8621d26d5d9f54b80f74bda2d9eedff94693 repository: ${{ github.event.pull_request.head.repo.full_name }} @@ -1039,7 +1039,7 @@ jobs: contents: read steps: - name: Checkout branch - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ github.event.pull_request.head.sha }} repository: ${{ github.event.pull_request.head.repo.full_name }} @@ -1118,7 +1118,7 @@ jobs: steps: - name: Checkout branch - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ github.event.pull_request.head.sha }} repository: ${{ github.event.pull_request.head.repo.full_name }} @@ -1126,7 +1126,7 @@ jobs: fetch-depth: ${{ matrix.fetch-depth }} - name: Download build assets - uses: actions/download-artifact@v4 + uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1 with: name: build-assets @@ -1171,13 +1171,13 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: submodules: true repository: ${{ github.event.pull_request.head.repo.full_name }} fetch-depth: ${{ matrix.fetch-depth }} - name: Download build assets - uses: actions/download-artifact@v4 + uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1 with: name: build-assets - name: Dump GitHub context @@ -2162,9 +2162,9 @@ jobs: bash - name: Get branch name id: branch-name - uses: tj-actions/branch-names@v8 + uses: tj-actions/branch-names@6871f53176ad61624f978536bbf089c574dc19a2 # v8.0.1 if: github.event_name == 'pull_request' && matrix.fetch-depth == 0 - - uses: nrwl/nx-set-shas@v4 + - uses: nrwl/nx-set-shas@dbe0650947e5f2c81f59190a38512cf49126fe6b # v4.3.0 id: last_successful_commit if: github.event_name == 'pull_request' && github.event.action != 'closed' && matrix.fetch-depth == 0 with: diff --git a/.github/workflows/update-readme.yml b/.github/workflows/update-readme.yml index a9f2bfb0..6c1b8e45 100644 --- a/.github/workflows/update-readme.yml +++ b/.github/workflows/update-readme.yml @@ -13,22 +13,22 @@ jobs: sync-assets: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - name: Run auto-doc - uses: tj-actions/auto-doc@v3 + uses: tj-actions/auto-doc@b10ceedffd794ec29a8fa8700529f40c1b64a951 # v3.6.0 with: use_code_blocks: true use_major_version: true use_tag_commit_hash: true - name: Run remark - uses: tj-actions/remark@v3 + uses: tj-actions/remark@10fc40701928cbafcc4a2d241679579d218144ff # v3 - name: Verify Changed files - uses: tj-actions/verify-changed-files@v20 + uses: tj-actions/verify-changed-files@6ed7632824d235029086612d4330d659005af687 # v20.0.1 id: verify_changed_files with: files: | @@ -42,7 +42,7 @@ jobs: - name: Create Pull Request if: failure() - uses: peter-evans/create-pull-request@v7 + uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8 with: base: "main" labels: "merge when passing" diff --git a/.github/workflows/workflow-run-example.yml b/.github/workflows/workflow-run-example.yml index 40e00cfb..81cc14dc 100644 --- a/.github/workflows/workflow-run-example.yml +++ b/.github/workflows/workflow-run-example.yml @@ -13,7 +13,7 @@ jobs: if: ${{ github.event.workflow_run.conclusion == 'success' }} steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Get changed files id: changed-files @@ -29,7 +29,7 @@ jobs: if: ${{ github.event.workflow_run.conclusion == 'failure' }} steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Get changed files id: changed-files