From f2db46c4979e53c0ac1c5cd9cb1659330561f0c4 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 7 Jul 2022 23:49:41 +0200 Subject: [PATCH] ci(action): pin dependencies (#235) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 8 ++++---- .github/workflows/release.yml | 4 ++-- .github/workflows/test.yml | 4 ++-- .github/workflows/update-prettier.yml | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index dd9ad54..909873c 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -16,7 +16,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3 with: # We must fetch at least the immediate parents so that if this is # a pull request then we can checkout the head. @@ -29,7 +29,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@3f62b754e23e0dd60f91b744033e1dc1654c0ec6 # tag=v2 # Override language selection by uncommenting this and choosing your languages # with: # languages: go, javascript, csharp, python, cpp, java @@ -37,7 +37,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@3f62b754e23e0dd60f91b744033e1dc1654c0ec6 # tag=v2 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -51,4 +51,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@3f62b754e23e0dd60f91b744033e1dc1654c0ec6 # tag=v2 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a7ef522..e8b692a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -12,8 +12,8 @@ jobs: name: release runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: actions/setup-node@v3 + - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3 + - uses: actions/setup-node@eeb10cff27034e7acf239c5d29f62154018672fd # tag=v3 with: node-version: 16 cache: npm diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 92faa2e..28e4275 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -18,9 +18,9 @@ jobs: - 14 - 16 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3 - name: "Use Node.js ${{ matrix.node_version }}" - uses: actions/setup-node@v3 + uses: actions/setup-node@eeb10cff27034e7acf239c5d29f62154018672fd # tag=v3 with: node-version: "${{ matrix.node_version }}" cache: npm diff --git a/.github/workflows/update-prettier.yml b/.github/workflows/update-prettier.yml index e17dbed..92db252 100644 --- a/.github/workflows/update-prettier.yml +++ b/.github/workflows/update-prettier.yml @@ -8,7 +8,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@master - - uses: actions/setup-node@v3 + - uses: actions/setup-node@eeb10cff27034e7acf239c5d29f62154018672fd # tag=v3 with: cache: npm node-version: 16