From 4d17d9f8eb5ccd788e07254c38e6c10227f9ea47 Mon Sep 17 00:00:00 2001 From: "P. L. Lim" <2090236+pllim@users.noreply.github.com> Date: Fri, 27 Sep 2024 12:01:40 -0400 Subject: [PATCH] MNT: Use hash for Action workflow versions and update if needed --- .github/workflows/check_milestone.yml | 2 +- .github/workflows/ci_workflows.yml | 8 ++++---- .github/workflows/codeql-analysis.yml | 8 ++++---- .github/workflows/open_actions.yml | 6 +++--- .github/workflows/predeps_workflow.yml | 4 ++-- .github/workflows/publish-to-pypi.yml | 6 +++--- 6 files changed, 17 insertions(+), 17 deletions(-) diff --git a/.github/workflows/check_milestone.yml b/.github/workflows/check_milestone.yml index 2250146..7ac0670 100644 --- a/.github/workflows/check_milestone.yml +++ b/.github/workflows/check_milestone.yml @@ -17,7 +17,7 @@ jobs: milestone_checker: runs-on: ubuntu-latest steps: - - uses: actions/github-script@v7 + - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 if: github.repository == 'spacetelescope/stsynphot_refactor' with: github-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/ci_workflows.yml b/.github/workflows/ci_workflows.yml index f878690..3ac1983 100644 --- a/.github/workflows/ci_workflows.yml +++ b/.github/workflows/ci_workflows.yml @@ -25,7 +25,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check base branch - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 if: github.event_name == 'pull_request' with: script: | @@ -103,11 +103,11 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 with: fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: ${{ matrix.python }} - name: Install Python dependencies @@ -117,6 +117,6 @@ jobs: run: tox -e ${{ matrix.toxenv }} -- ${{ matrix.toxposargs }} - name: Upload coverage to codecov if: ${{ contains(matrix.toxenv,'-cov') }} - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0 with: file: ./coverage.xml diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index fae9e15..78ed24c 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -37,11 +37,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@5618c9fc1e675841ca52c1c6b1304f5255a905a0 # codeql-bundle-v2.19.0 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -52,7 +52,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v3 + uses: github/codeql-action/autobuild@5618c9fc1e675841ca52c1c6b1304f5255a905a0 # codeql-bundle-v2.19.0 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -66,4 +66,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@5618c9fc1e675841ca52c1c6b1304f5255a905a0 # codeql-bundle-v2.19.0 diff --git a/.github/workflows/open_actions.yml b/.github/workflows/open_actions.yml index ad37b61..e1bc804 100644 --- a/.github/workflows/open_actions.yml +++ b/.github/workflows/open_actions.yml @@ -13,12 +13,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Label PR - uses: actions/labeler@v5 + uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5.0.0 if: github.event_name == 'pull_request_target' || github.event_name == 'pull_request' with: repo-token: "${{ secrets.GITHUB_TOKEN }}" - name: 'Comment Draft PR' - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 if: github.event.pull_request.draft == true with: github-token: ${{ secrets.GITHUB_TOKEN }} @@ -30,6 +30,6 @@ jobs: body: '👋 Thank you for your draft pull request! Do you know that you can use `[ci skip]` or `[skip ci]` in your commit messages to skip running continuous integration tests until you are ready?' }) - name: Special comment - uses: pllim/action-special_pr_comment@main + uses: pllim/action-special_pr_comment@5126c189c02418a55448480b28efd1a00af48d7b # 0.2 with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/predeps_workflow.yml b/.github/workflows/predeps_workflow.yml index e50f7d7..2066093 100644 --- a/.github/workflows/predeps_workflow.yml +++ b/.github/workflows/predeps_workflow.yml @@ -40,11 +40,11 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 with: fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: ${{ matrix.python }} - name: Install Python dependencies diff --git a/.github/workflows/publish-to-pypi.yml b/.github/workflows/publish-to-pypi.yml index 37d0442..c2facfd 100644 --- a/.github/workflows/publish-to-pypi.yml +++ b/.github/workflows/publish-to-pypi.yml @@ -21,11 +21,11 @@ jobs: id-token: write # IMPORTANT: mandatory for trusted publishing steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 with: fetch-depth: 0 - - uses: actions/setup-python@v5 + - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: '3.x' @@ -50,4 +50,4 @@ jobs: - name: Publish distribution đŸ“Ļ to PyPI if: github.event_name == 'release' - uses: pypa/gh-action-pypi-publish@release/v1 + uses: pypa/gh-action-pypi-publish@897895f1e160c830e369f9779632ebc134688e1b # v1.10.2