From 369c2f9da548f1eb171017cb8d1c5fd82b5de4e3 Mon Sep 17 00:00:00 2001 From: Suneha Bose Date: Fri, 28 Feb 2025 12:04:09 -0800 Subject: [PATCH] pin dependencies --- .github/workflows/ci-go.yml | 14 +++++++------- .github/workflows/ci-guardrailpolicies.yml | 2 +- .github/workflows/ci-python.yml | 2 +- .github/workflows/codeql-analysis.yml | 10 +++++----- .github/workflows/maintenance.yml | 2 +- .github/workflows/npm-audit.yml | 8 ++++---- .github/workflows/release-note.yml | 4 ++-- .github/workflows/yamllint.yml | 4 ++-- 8 files changed, 23 insertions(+), 23 deletions(-) diff --git a/.github/workflows/ci-go.yml b/.github/workflows/ci-go.yml index b7ad23124de..056d184cc87 100644 --- a/.github/workflows/ci-go.yml +++ b/.github/workflows/ci-go.yml @@ -18,7 +18,7 @@ jobs: image: registry.access.redhat.com/ubi8/go-toolset:1.22.9-2 steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4 - name: Add GOBIN to PATH run: | echo "$(go env GOPATH)/bin" >> $GITHUB_PATH @@ -32,7 +32,7 @@ jobs: image: registry.access.redhat.com/ubi8/go-toolset:1.22.9-2 steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4 - name: Add GOBIN to PATH run: | echo "$(go env GOPATH)/bin" >> $GITHUB_PATH @@ -46,15 +46,15 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4 - name: Set up Go - uses: actions/setup-go@v5 + uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # pin@v5 with: go-version-file: go.mod - name: Run golangci-lint - uses: golangci/golangci-lint-action@v6 + uses: golangci/golangci-lint-action@2226d7cb06a077cd73e56eedd38eecad18e5d837 # pin@v6 with: version: v1.64.5 args: -v --timeout 15m 
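Review bot: The trailing comment on the pinned checkout in the first ci-go.yml hunk, `# pin@v4`, names only the moving major tag, so nothing in the file says which release the SHA was taken from and a reviewer cannot check it without resolving the tag upstream. Recording the exact release next to the SHA makes later bumps auditable, e.g. `uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # vX.Y.Z` (placeholder for the tag that commit belongs to). The same comment form appears in every other hunk of this patch (`# pin@v5`, `# pin@v6`, `# pin@v3`, `# pin@v2`, `# pin@v8`, `# pin@releases/2.x`). If the `pin@` form is required by the pinning tool in use, keep it and list the resolved releases in the commit description instead. The job this hunk belongs to starts above the hunk.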
@@ -64,10 +64,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4 - name: Set up Go - uses: actions/setup-go@v5 + uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # pin@v5 with: go-version-file: go.mod diff --git a/.github/workflows/ci-guardrailpolicies.yml b/.github/workflows/ci-guardrailpolicies.yml index 75913492dce..5f81aaa7f5e 100644 --- a/.github/workflows/ci-guardrailpolicies.yml +++ b/.github/workflows/ci-guardrailpolicies.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4 - name: Install opa binary run: | diff --git a/.github/workflows/ci-python.yml b/.github/workflows/ci-python.yml index 395424deb22..21807600e38 100644 --- a/.github/workflows/ci-python.yml +++ b/.github/workflows/ci-python.yml @@ -19,7 +19,7 @@ jobs: image: registry.access.redhat.com/ubi8/python-311:latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4 - name: validate run: | make test-python diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 0db5adc16f3..faf58905e5a 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml 
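Review bot: The `Install opa binary` step that follows the pinned checkout in ci-guardrailpolicies.yml is a dependency this patch leaves as it was, and its `run: |` script lies outside the hunk. If that script fetches opa over the network, it should request a fixed release and compare the download against a known checksum before running it, for example `echo "<sha256>  opa" | sha256sum -c -` (placeholder hash). Otherwise the policy checks run on a binary that is not pinned the way the actions now are.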
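Review bot: The job container in the ci-python.yml hunk is still `registry.access.redhat.com/ubi8/python-311:latest`, a mutable tag, so the image the tests run in can change between runs even though the checkout step below it is now fixed to a commit. For a commit whose goal is pinning, reference the image by digest: `image: registry.access.redhat.com/ubi8/python-311@sha256:<digest>` (placeholder; take the digest from the registry). The two container jobs in ci-go.yml use `go-toolset:1.22.9-2`, which is a specific tag but still not a digest. The job definition starts above the hunk.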
@@ -36,24 +36,24 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4 - name: Set up Go if: matrix.language == 'go' - uses: actions/setup-go@v5 + uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # pin@v5 with: go-version-file: go.mod - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # pin@v3 with: languages: ${{ matrix.language }} config-file: ./.github/codeql/codeql-config-${{matrix.language}}.yml - name: Autobuild - uses: github/codeql-action/autobuild@v3 + uses: github/codeql-action/autobuild@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # pin@v3 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # pin@v3 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/maintenance.yml b/.github/workflows/maintenance.yml index e8b3501379a..4a13f1530b0 100644 --- a/.github/workflows/maintenance.yml +++ b/.github/workflows/maintenance.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: check if prs are dirty - uses: eps1lon/actions-label-merge-conflict@releases/2.x + uses: eps1lon/actions-label-merge-conflict@fd1f295ee7443d13745804bc49fe158e240f6c6e # pin@releases/2.x with: dirtyLabel: needs-rebase removeOnDirtyLabel: ready-for-review diff --git a/.github/workflows/npm-audit.yml b/.github/workflows/npm-audit.yml index f671fa18d76..5140f5a7933 100644 --- a/.github/workflows/npm-audit.yml +++ b/.github/workflows/npm-audit.yml 
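Review bot: The pin in maintenance.yml is taken from a branch, `releases/2.x`, rather than a release tag, so there is no immutable upstream name to compare `fd1f295ee7443d13745804bc49fe158e240f6c6e` against later. GitHub resolves a commit SHA through a repository's whole fork network, so it is worth confirming once that this commit is reachable from the `releases/2.x` branch of `eps1lon/actions-label-merge-conflict` itself and recording that in the comment, e.g. `# releases/2.x as of <date>, verified in upstream repo`. This matters more here than for the `actions/*` pins because the step edits PR labels (`dirtyLabel`, `removeOnDirtyLabel`) and so presumably runs with a write-capable token. The workflow's trigger and `permissions` are outside the hunk.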
@@ -17,10 +17,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4 - name: setup Node.JS - uses: actions/setup-node@v4 + uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # pin@v4 with: node-version: 16.16.0 @@ -33,10 +33,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4 - name: setup Node.JS - uses: actions/setup-node@v4 + uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # pin@v4 with: node-version: 16.16.0 diff --git a/.github/workflows/release-note.yml b/.github/workflows/release-note.yml index 2ed5de5146e..925d5421227 100644 --- a/.github/workflows/release-note.yml +++ b/.github/workflows/release-note.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4 with: ref: ${{ github.ref }} fetch-depth: 0 @@ -25,7 +25,7 @@ jobs: run: ./.github/generate_release_note.sh ${{ github.workspace }}/CHANGELOG.txt - name: Release - uses: softprops/action-gh-release@v2 + uses: softprops/action-gh-release@c95fe1489396fe8a9eb87c0abf8aa5b2ef267fda # pin@v2 with: body_path: ${{ github.workspace }}/CHANGELOG.txt name: Release ${{ github.ref_name }} diff --git a/.github/workflows/yamllint.yml b/.github/workflows/yamllint.yml index aa7301a9ff7..a92d561363c 100644 --- a/.github/workflows/yamllint.yml +++ b/.github/workflows/yamllint.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4 - name: yamllint - uses: oxsecurity/megalinter/flavors/ci_light@v8 + uses: oxsecurity/megalinter/flavors/ci_light@ec124f7998718d79379a3c5b39f5359952baf21d # pin@v8
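Review bot: The Node toolchain in both npm-audit.yml hunks is still `node-version: 16.16.0`, a release line that reached end-of-life in September 2023 and no longer receives security fixes, so the audit jobs run on an unpatched Node/npm even though `actions/setup-node` itself is now pinned. Consider moving these jobs to a maintained LTS that the project supports, or reading the version from one place with `node-version-file: <version file>` (placeholder; no such file is visible here). The steps after `node-version` are outside both hunks.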
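Review bot: In yamllint.yml the SHA on `oxsecurity/megalinter/flavors/ci_light` fixes the action's metadata, but MegaLinter flavors run as a container, and a commit pin does not by itself fix the image that gets pulled. If the `action.yml` at `ec124f7998718d79379a3c5b39f5359952baf21d` references its image by tag rather than by digest, the linter code that actually executes can still change under this pin. Check that file upstream and note the result next to the pin, e.g. `# image referenced by tag in action.yml; not digest-pinned`. Any `with:` or `env:` settings for the step would follow the hunk.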