actions/changed-files
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: pin github actions (#2503)

Browse Source
This commit is contained in:
Tonye Jack
2025-03-22 16:03:14 -06:00
committed by GitHub
parent 9468856c22
commit 7a369a7175
10 changed files with 73 additions and 73 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.github/workflows/codacy-analysis.yml vendored
View File

@@ -29,12 +29,12 @@ jobs:
steps:
# Checkout the repository to the GitHub Actions runner
- name: Checkout code
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
# Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
- name: Run Codacy Analysis CLI
continue-on-error: true
uses: codacy/codacy-analysis-cli-action@v4.4.5
uses: codacy/codacy-analysis-cli-action@97bf5df3c09e75f5bcd72695998f96ebd701846e # v4.4.5
with:
# Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
# You can also omit the token and run the tools that support default configurations
@@ -51,6 +51,6 @@ jobs:
# Upload the SARIF file generated in the previous step
- name: Upload SARIF results file
continue-on-error: true
uses: github/codeql-action/upload-sarif@v3
uses: github/codeql-action/upload-sarif@5f8171a638ada777af81d42b55959a643bb29017 # v3.28.12
with:
sarif_file: results.sarif

8
.github/workflows/codeql.yml vendored
View File

@@ -43,11 +43,11 @@ jobs:
steps:
- name: Checkout repository
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
uses: github/codeql-action/init@5f8171a638ada777af81d42b55959a643bb29017 # v3.28.12
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
@@ -61,7 +61,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v3
uses: github/codeql-action/autobuild@5f8171a638ada777af81d42b55959a643bb29017 # v3.28.12
# Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -74,6 +74,6 @@ jobs:
# ./location_of_script_within_repo/buildscript.sh
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
uses: github/codeql-action/analyze@5f8171a638ada777af81d42b55959a643bb29017 # v3.28.12
with:
category: "/language:${{matrix.language}}"

4
.github/workflows/issue-comment-job-example.yml vendored
View File

@@ -19,7 +19,7 @@ jobs:
NUMBER: ${{ github.event.issue.number }}
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
submodules: true
fetch-depth: 0
@@ -104,7 +104,7 @@ jobs:
NUMBER: ${{ github.event.issue.number }}
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
submodules: true
fetch-depth: 0

2
.github/workflows/manual-triggered-job-example.yml vendored
View File

@@ -18,7 +18,7 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
submodules: true
fetch-depth: 0

4
.github/workflows/matrix-example.yml vendored
View File

@@ -17,7 +17,7 @@ jobs:
matrix: ${{ steps.changed-files.outputs.all_changed_files }}
steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
- name: Get changed files
@@ -39,7 +39,7 @@ jobs:
fail-fast: false
steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Test
run: |
echo ${{ matrix.files }}

4
.github/workflows/multi-job-example.yml vendored
View File

@@ -19,7 +19,7 @@ jobs:
all_changed_files: ${{ steps.changed-files.outputs.all_changed_files }}
steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
- name: Get changed files
@@ -45,7 +45,7 @@ jobs:
all_changed_files: ${{ steps.changed-files.outputs.all_changed_files }}
steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
- name: Get changed files

12
.github/workflows/sync-release-version.yml vendored
View File

@@ -13,13 +13,13 @@ jobs:
update-version:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
- name: Run release-tagger
uses: tj-actions/release-tagger@v4
uses: tj-actions/release-tagger@1a9264b0fd99a1ef92c4fd2f077f292900cc79b6 # v4.0.0
- name: Sync release version.
uses: tj-actions/sync-release-version@v13
uses: tj-actions/sync-release-version@2c909a7cf69905388d998101c40edb26d0882ea2 # v13.12
id: sync-release-version
with:
pattern: '${{ github.repository }}@'
@@ -28,7 +28,7 @@ jobs:
paths: |
README.md
- name: Sync release package version.
uses: tj-actions/sync-release-version@v13
uses: tj-actions/sync-release-version@2c909a7cf69905388d998101c40edb26d0882ea2 # v13.12
id: sync-release-package-version
with:
pattern: '"version": "'
@@ -36,9 +36,9 @@ jobs:
paths: |
package.json
- name: Run git-cliff
uses: tj-actions/git-cliff@v1
uses: tj-actions/git-cliff@75599f745633e29f99bd9e14a30865b7d2fcbe84 # v1.5.0
- name: Create Pull Request
uses: peter-evans/create-pull-request@v7.0.8
uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
with:
base: "main"
labels: "merge when passing"

92
.github/workflows/test.yml vendored
View File

@@ -38,14 +38,14 @@ jobs:
contents: write
pull-requests: read
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
fetch-depth: 0
repository: ${{ github.event.pull_request.head.repo.full_name }}
- name: Use Node.js 20.x
uses: actions/setup-node@v4.3.0
uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4.3.0
with:
cache: 'yarn'
node-version: '20.x'
@@ -60,7 +60,7 @@ jobs:
yarn install
- name: Run eslint on changed files
uses: tj-actions/eslint-changed-files@v25
uses: tj-actions/eslint-changed-files@0cfcd35949a961d13e964a7c2a4971c0e89b68fc # v25.3.1
if: github.event_name == 'pull_request'
with:
token: ${{ secrets.PAT_TOKEN }}
@@ -74,7 +74,7 @@ jobs:
GITHUB_EVENT_PULL_REQUEST_HEAD_REPO_FORK: ${{ github.event.pull_request.head.repo.fork }}
- name: Verify Changed files
uses: tj-actions/verify-changed-files@v20
uses: tj-actions/verify-changed-files@6ed7632824d235029086612d4330d659005af687 # v20.0.1
if: github.actor != 'dependabot[bot]'
id: changed_files
with:
@@ -98,13 +98,13 @@ jobs:
branch: ${{ github.head_ref }}
- name: Upload build assets
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: build-assets
path: dist
- name: Run codacy-coverage-reporter
uses: codacy/codacy-coverage-reporter-action@v1
uses: codacy/codacy-coverage-reporter-action@89d6c85cfafaec52c72b6c5e8b2878d33104c699 # v1.3.0
continue-on-error: true
with:
project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
@@ -119,7 +119,7 @@ jobs:
contents: read
steps:
- name: Checkout into dir1
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: ${{ github.event.pull_request.head.repo.full_name }}
submodules: true
@@ -127,7 +127,7 @@ jobs:
path: dir1
- name: Download build assets
uses: actions/download-artifact@v4
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: build-assets
path: dir1/dist
@@ -153,13 +153,13 @@ jobs:
bash
- name: Download build assets
uses: actions/download-artifact@v4
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: build-assets
path: dir2/dist
- name: Checkout into dir2
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: ${{ github.event.pull_request.head.repo.full_name }}
submodules: true
@@ -195,13 +195,13 @@ jobs:
contents: read
steps:
- name: Checkout branch
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: ${{ github.event.pull_request.head.repo.full_name }}
fetch-depth: 0
- name: Download build assets
uses: actions/download-artifact@v4
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: build-assets
@@ -255,13 +255,13 @@ jobs:
steps:
- name: Checkout branch
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: ${{ github.event.pull_request.head.repo.full_name }}
fetch-depth: 0
- name: Download build assets
uses: actions/download-artifact@v4
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: build-assets
@@ -299,13 +299,13 @@ jobs:
steps:
- name: Checkout branch
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: ${{ github.event.pull_request.head.repo.full_name }}
fetch-depth: 0
- name: Download build assets
uses: actions/download-artifact@v4
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: build-assets
@@ -338,13 +338,13 @@ jobs:
steps:
- name: Checkout branch
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: ${{ github.event.pull_request.head.repo.full_name }}
fetch-depth: ${{ matrix.fetch-depth }}
- name: Download build assets
uses: actions/download-artifact@v4
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: build-assets
@@ -372,12 +372,12 @@ jobs:
steps:
- name: Checkout branch
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Download build assets
uses: actions/download-artifact@v4
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: build-assets
@@ -406,14 +406,14 @@ jobs:
steps:
- name: Checkout branch
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: ${{ matrix.fetch-depth }}
persist-credentials: false
repository: ${{ github.event.pull_request.head.repo.full_name }}
- name: Download build assets
uses: actions/download-artifact@v4
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: build-assets
@@ -436,10 +436,10 @@ jobs:
contents: read
steps:
- name: Checkout branch
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Download build assets
uses: actions/download-artifact@v4
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: build-assets
@@ -491,10 +491,10 @@ jobs:
contents: read
steps:
- name: Checkout branch
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Download build assets
uses: actions/download-artifact@v4
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: build-assets
@@ -546,7 +546,7 @@ jobs:
pull-requests: read
steps:
- name: Checkout into dir1
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: ${{ github.event.pull_request.head.repo.full_name }}
submodules: true
@@ -554,7 +554,7 @@ jobs:
path: dir1
- name: Download build assets
uses: actions/download-artifact@v4
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: build-assets
path: dir1/dist
@@ -578,14 +578,14 @@ jobs:
contents: read
steps:
- name: Checkout branch
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: ${{ github.event.pull_request.head.repo.full_name }}
submodules: true
fetch-depth: 0
- name: Download build assets
uses: actions/download-artifact@v4
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: build-assets
path: dist
@@ -615,7 +615,7 @@ jobs:
contents: read
steps:
- name: Checkout into dir1
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: ${{ github.event.pull_request.head.repo.full_name }}
submodules: true
@@ -623,7 +623,7 @@ jobs:
path: dir1
- name: Download build assets
uses: actions/download-artifact@v4
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: build-assets
path: dir1/dist
@@ -654,14 +654,14 @@ jobs:
steps:
- name: Checkout branch
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
ref: ${{ github.event.pull_request.head.sha || github.sha }}
submodules: recursive
fetch-depth: ${{ matrix.fetch-depth }}
- name: Download build assets
uses: actions/download-artifact@v4
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: build-assets
@@ -720,14 +720,14 @@ jobs:
steps:
- name: Checkout branch
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
ref: ${{ github.event.pull_request.head.sha || github.sha }}
submodules: recursive
fetch-depth: ${{ matrix.fetch-depth }}
- name: Download build assets
uses: actions/download-artifact@v4
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: build-assets
@@ -815,14 +815,14 @@ jobs:
steps:
- name: Checkout branch
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
ref: ${{ github.event.pull_request.head.sha || github.sha }}
submodules: recursive
fetch-depth: ${{ matrix.fetch-depth }}
- name: Download build assets
uses: actions/download-artifact@v4
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: build-assets
@@ -1001,7 +1001,7 @@ jobs:
contents: read
steps:
- name: Checkout branch
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
ref: a52f8621d26d5d9f54b80f74bda2d9eedff94693
repository: ${{ github.event.pull_request.head.repo.full_name }}
@@ -1039,7 +1039,7 @@ jobs:
contents: read
steps:
- name: Checkout branch
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
ref: ${{ github.event.pull_request.head.sha }}
repository: ${{ github.event.pull_request.head.repo.full_name }}
@@ -1118,7 +1118,7 @@ jobs:
steps:
- name: Checkout branch
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
ref: ${{ github.event.pull_request.head.sha }}
repository: ${{ github.event.pull_request.head.repo.full_name }}
@@ -1126,7 +1126,7 @@ jobs:
fetch-depth: ${{ matrix.fetch-depth }}
- name: Download build assets
uses: actions/download-artifact@v4
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: build-assets
@@ -1171,13 +1171,13 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
submodules: true
repository: ${{ github.event.pull_request.head.repo.full_name }}
fetch-depth: ${{ matrix.fetch-depth }}
- name: Download build assets
uses: actions/download-artifact@v4
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: build-assets
- name: Dump GitHub context
@@ -2162,9 +2162,9 @@ jobs:
bash
- name: Get branch name
id: branch-name
uses: tj-actions/branch-names@v8
uses: tj-actions/branch-names@6871f53176ad61624f978536bbf089c574dc19a2 # v8.0.1
if: github.event_name == 'pull_request' && matrix.fetch-depth == 0
- uses: nrwl/nx-set-shas@v4
- uses: nrwl/nx-set-shas@dbe0650947e5f2c81f59190a38512cf49126fe6b # v4.3.0
id: last_successful_commit
if: github.event_name == 'pull_request' && github.event.action != 'closed' && matrix.fetch-depth == 0
with:

10
.github/workflows/update-readme.yml vendored
View File

@@ -13,22 +13,22 @@ jobs:
sync-assets:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
- name: Run auto-doc
uses: tj-actions/auto-doc@v3
uses: tj-actions/auto-doc@b10ceedffd794ec29a8fa8700529f40c1b64a951 # v3.6.0
with:
use_code_blocks: true
use_major_version: true
use_tag_commit_hash: true
- name: Run remark
uses: tj-actions/remark@v3
uses: tj-actions/remark@10fc40701928cbafcc4a2d241679579d218144ff # v3
- name: Verify Changed files
uses: tj-actions/verify-changed-files@v20
uses: tj-actions/verify-changed-files@6ed7632824d235029086612d4330d659005af687 # v20.0.1
id: verify_changed_files
with:
files: |
@@ -42,7 +42,7 @@ jobs:
- name: Create Pull Request
if: failure()
uses: peter-evans/create-pull-request@v7
uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
with:
base: "main"
labels: "merge when passing"

4
.github/workflows/workflow-run-example.yml vendored
View File

@@ -13,7 +13,7 @@ jobs:
if: ${{ github.event.workflow_run.conclusion == 'success' }}
steps:
- name: Checkout code
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Get changed files
id: changed-files
@@ -29,7 +29,7 @@ jobs:
if: ${{ github.event.workflow_run.conclusion == 'failure' }}
steps:
- name: Checkout code
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Get changed files
id: changed-files