Skip to content

Commit f7f016a

Browse files
miccymiccy
committed
fix: usage specific Commit SHA for CI
1 parent b584c3b commit f7f016a

File tree

5 files changed

+16
-16
lines changed

5 files changed

+16
-16
lines changed

.github/workflows/ci.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -18,10 +18,10 @@ jobs:
1818
ci:
1919
runs-on: ubuntu-latest
2020
steps:
21-
- uses: actions/checkout@v4
21+
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
2222

2323
- name: Setup Bun
24-
uses: oven-sh/setup-bun@v2
24+
uses: oven-sh/setup-bun@f453a2b535d48227b203c9c9f7a77e089201a403 # v2.0.0
2525
with:
2626
bun-version: "1.3.8"
2727

.github/workflows/docker.yaml

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,7 @@ jobs:
2323
id-token: write
2424
steps:
2525
- name: Check out the repo
26-
uses: actions/checkout@v4
26+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
2727

2828
- name: Check if version already published
2929
id: version
@@ -46,23 +46,23 @@ jobs:
4646
4747
- name: Set up QEMU
4848
if: ${{ steps.version.outputs.changed == 'true' }}
49-
uses: docker/setup-qemu-action@v3
49+
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0
5050

5151
- name: Set up Docker Buildx
5252
if: ${{ steps.version.outputs.changed == 'true' }}
53-
uses: docker/setup-buildx-action@v3
53+
uses: docker/setup-buildx-action@988b5a0280414f521da3d829df8432753fbd92d2 # v3.6.1
5454

5555
- name: Log in to Docker Hub
5656
if: ${{ github.repository == 'evoluhq/evolu' && steps.version.outputs.changed == 'true' }}
57-
uses: docker/login-action@v3
57+
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
5858
with:
5959
username: ${{ secrets.DOCKER_USERNAME }}
6060
password: ${{ secrets.DOCKER_PASSWORD }}
6161

6262
- name: Extract metadata (tags, labels) for Docker
6363
if: ${{ steps.version.outputs.changed == 'true' }}
6464
id: meta
65-
uses: docker/metadata-action@v5
65+
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
6666
with:
6767
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
6868
flavor: |
@@ -76,7 +76,7 @@ jobs:
7676
- name: Build and push Docker image
7777
if: ${{ github.repository == 'evoluhq/evolu' && steps.version.outputs.changed == 'true' }}
7878
id: push
79-
uses: docker/build-push-action@v6
79+
uses: docker/build-push-action@32945a339266b759abcbdc89316bb68de327d74b # v6.7.0
8080
with:
8181
platforms: linux/amd64,linux/arm64
8282
context: .
@@ -93,7 +93,7 @@ jobs:
9393

9494
- name: Generate artifact attestation
9595
if: ${{ github.repository == 'evoluhq/evolu' && steps.version.outputs.changed == 'true' }}
96-
uses: actions/attest-build-provenance@v1
96+
uses: actions/attest-build-provenance@897ed5eab10ec6095258600c7e5e2195f007b46d # v1.4.1
9797
with:
9898
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
9999
subject-digest: ${{ steps.push.outputs.digest }}

.github/workflows/release.yaml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -18,8 +18,8 @@ jobs:
1818
name: Release
1919
runs-on: ubuntu-latest
2020
steps:
21-
- uses: actions/checkout@v4
22-
- uses: oven-sh/setup-bun@v2
21+
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
22+
- uses: oven-sh/setup-bun@f453a2b535d48227b203c9c9f7a77e089201a403 # v2.0.0
2323
with:
2424
bun-version: "1.3.8"
2525

@@ -31,7 +31,7 @@ jobs:
3131

3232
- name: Create Release Pull Request or Publish
3333
id: changesets
34-
uses: changesets/action@v1
34+
uses: changesets/action@aba2c841fbc6b30f889c450c3995817c1bf05285 # v1
3535
with:
3636
publish: bun run changeset publish
3737
createGithubReleases: true

.github/workflows/socket.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -27,12 +27,12 @@ jobs:
2727
runs-on: ubuntu-latest
2828

2929
steps:
30-
- uses: actions/checkout@v4
30+
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
3131
with:
3232
# For PRs, fetch one additional commit for proper diff analysis
3333
fetch-depth: ${{ github.event_name == 'pull_request' && 2 || 0 }}
3434

35-
- uses: actions/setup-python@v5
35+
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
3636
with:
3737
python-version: "3.12"
3838

.github/workflows/web-build.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -24,10 +24,10 @@ jobs:
2424
build:
2525
runs-on: ubuntu-latest
2626
steps:
27-
- uses: actions/checkout@v4
27+
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
2828

2929
- name: Setup Bun
30-
uses: oven-sh/setup-bun@v2
30+
uses: oven-sh/setup-bun@f453a2b535d48227b203c9c9f7a77e089201a403 # v2.0.0
3131
with:
3232
bun-version: "1.3.8"
3333

0 commit comments

Comments
 (0)