@@ -12,15 +12,15 @@ jobs:
1212 build :
1313 runs-on : ubuntu-latest
1414 steps :
15- - uses : actions/checkout@v4
15+ - uses : actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
1616
1717 - name : Setup Python
18- uses : actions/setup-python@v4
18+ uses : actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
1919 with :
2020 python-version : " 3.12"
2121
2222 - name : Set up Node.js
23- uses : actions/setup-node@v4
23+ uses : actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
2424 with :
2525 node-version : " 20"
2626
@@ -30,23 +30,24 @@ jobs:
3030 python -m build .
3131
3232name : Store the distribution packages
33- uses : actions/upload-artifact@v3
33+ uses : actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
3434 with :
3535 name : python-package-distributions
3636 path : dist/
37+ if-no-files-found : error
3738
3839 test :
3940 runs-on : ubuntu-latest
4041 steps :
41- - uses : actions/checkout@v4
42+ - uses : actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
4243
4344 - name : Setup Python
44- uses : actions/setup-python@v4
45+ uses : actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
4546 with :
4647 python-version : " 3.12"
4748
4849 - name : Set up Node.js
49- uses : actions/setup-node@v4
50+ uses : actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
5051 with :
5152 node-version : " 20"
5253
6061 --cov=pyodide-build \
6162 pyodide_build
6263
63- uses : codecov/codecov-action@v4
64+ uses : codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0
6465 with :
6566 fail_ci_if_error : false
6667
7172 run-integration-test : ${{ steps.check-integration-test-trigger.outputs.trigger }}
7273
7374 steps :
74- - uses : actions/checkout@v4
75+ - uses : actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
7576 with :
7677 ref : ${{ github.event.pull_request.head.sha }}
7778
@@ -84,18 +85,18 @@ jobs:
8485 needs : [check-integration-test-trigger]
8586 if : needs.check-integration-test-trigger.outputs.run-integration-test
8687 steps :
87- - uses : actions/checkout@v4
88+ - uses : actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
8889 with :
8990 # include tags so that hatch-vcs can infer the version
9091 fetch-depth : 0
9192
9293 - name : Setup Python
93- uses : actions/setup-python@v4
94+ uses : actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
9495 with :
9596 python-version : " 3.12"
9697
9798 - name : Set up Node.js
98- uses : actions/setup-node@v4
99+ uses : actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
99100 with :
100101 node-version : " 20"
101102
@@ -110,7 +111,7 @@ jobs:
110111 echo EMSCRIPTEN_VERSION=$(pyodide config get emscripten_version) >> $GITHUB_ENV
111112
112113name : Install Emscripten
113- uses : mymindstorm/setup-emsdk@v12
114+ uses : mymindstorm/setup-emsdk@6ab9eb1bda2574c4ddb79809fc9247783eaf9021 # v14
114115 with :
115116 version : ${{ env.EMSCRIPTEN_VERSION }}
116117
@@ -120,8 +121,7 @@ jobs:
120121 make test-recipe
121122
122123publish :
123- name : >-
124- Publish to PyPI
124+ name : Publish to PyPI
125125 needs :
126126 - build
127127 runs-on : ubuntu-latest
@@ -133,9 +133,10 @@ jobs:
133133 id-token : write # IMPORTANT: mandatory for trusted publishing
134134 steps :
135135 - name : Download all the dists
136- 136+ uses : actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
137137 with :
138- name : python-package-distributions
139138 path : dist/
139+ merge-multiple : true
140+
140141 - name : Publish distribution 📦 to PyPI
141- uses : pypa/gh-action-pypi-publish@release/v1
142+ uses : pypa/gh-action-pypi-publish@0ab0b79471669eb3a4d647e625009c62f9f3b241 # v1.10.1
0 commit comments