From 96aa698a5c392ac195f95d91dbda9145fd4898dc Mon Sep 17 00:00:00 2001 From: Myrotvorets Date: Wed, 4 Sep 2024 11:19:00 +0300 Subject: [PATCH] Pin actions --- .github/codeql-config.yml | 10 ---------- .github/workflows/build.yml | 2 +- .github/workflows/lint.yml | 4 ++-- .github/workflows/npm-publish.yml | 4 ++-- .github/workflows/package-audit.yml | 2 +- .github/workflows/push-tag.yml | 2 +- .github/workflows/sonarscan.yml | 2 +- 7 files changed, 8 insertions(+), 18 deletions(-) delete mode 100644 .github/codeql-config.yml diff --git a/.github/codeql-config.yml b/.github/codeql-config.yml deleted file mode 100644 index 8adc469..0000000 --- a/.github/codeql-config.yml +++ /dev/null @@ -1,10 +0,0 @@ -name: CodeQL Config - -paths: - - lib - -paths-ignore: - - node_modules - -queries: - - uses: security-and-quality diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 961f8d8..26cc81c 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -41,6 +41,6 @@ jobs: registry.npmjs.org:443 - name: Build and test - uses: myrotvorets/composite-actions/build-test-nodejs@master + uses: myrotvorets/composite-actions/build-test-nodejs@931ae3fec4810f7d263d28f6cf12159080b76208 with: node-version: ${{ matrix.node.version }} diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 067cc67..10a1730 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -36,7 +36,7 @@ jobs: registry.npmjs.org:443 - name: Run code style check - uses: myrotvorets/composite-actions/node-run-script@master + uses: myrotvorets/composite-actions/node-run-script@931ae3fec4810f7d263d28f6cf12159080b76208 with: script: lint @@ -59,6 +59,6 @@ jobs: registry.npmjs.org:443 - name: Run type check - uses: myrotvorets/composite-actions/node-run-script@master + uses: myrotvorets/composite-actions/node-run-script@931ae3fec4810f7d263d28f6cf12159080b76208 with: script: typecheck diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml index 370cda8..774aadb 100644 --- a/.github/workflows/npm-publish.yml +++ b/.github/workflows/npm-publish.yml @@ -39,7 +39,7 @@ jobs: registry.npmjs.org:443 - name: Prepare source - uses: myrotvorets/composite-actions/node-prepublish@master + uses: myrotvorets/composite-actions/node-prepublish@931ae3fec4810f7d263d28f6cf12159080b76208 publish: name: Publish package (${{ matrix.registry }}) @@ -79,7 +79,7 @@ jobs: npm.pkg.github.com:443 - name: Publish package - uses: myrotvorets/composite-actions/node-publish@master + uses: myrotvorets/composite-actions/node-publish@931ae3fec4810f7d263d28f6cf12159080b76208 with: node-auth-token: ${{ secrets[matrix.secret] }} registry-url: ${{ matrix.registry_url }} diff --git a/.github/workflows/package-audit.yml b/.github/workflows/package-audit.yml index 50ce012..2576ef7 100644 --- a/.github/workflows/package-audit.yml +++ b/.github/workflows/package-audit.yml @@ -30,4 +30,4 @@ jobs: registry.npmjs.org:443 - name: Audit with NPM - uses: myrotvorets/composite-actions/node-package-audit@master + uses: myrotvorets/composite-actions/node-package-audit@931ae3fec4810f7d263d28f6cf12159080b76208 diff --git a/.github/workflows/push-tag.yml b/.github/workflows/push-tag.yml index 8fb6927..ceb3b33 100644 --- a/.github/workflows/push-tag.yml +++ b/.github/workflows/push-tag.yml @@ -34,7 +34,7 @@ jobs: registry.npmjs.org:443 - name: Build and test - uses: myrotvorets/composite-actions/build-test-nodejs@master + uses: myrotvorets/composite-actions/build-test-nodejs@931ae3fec4810f7d263d28f6cf12159080b76208 release: name: Prepare the release diff --git a/.github/workflows/sonarscan.yml b/.github/workflows/sonarscan.yml index 3b8b4f1..c7610cf 100644 --- a/.github/workflows/sonarscan.yml +++ b/.github/workflows/sonarscan.yml @@ -41,7 +41,7 @@ jobs: sonarcloud.io:443 - name: Run SonarCloud analysis - uses: myrotvorets/composite-actions/node-sonarscan@master + uses: myrotvorets/composite-actions/node-sonarscan@931ae3fec4810f7d263d28f6cf12159080b76208 with: sonar-token: ${{ secrets.SONAR_TOKEN }} test-script: 'test:sonarqube'