Skip to content

Commit 88c8444

Browse files
Woody4618Woody4618
authored
Merge pull request #11 from solana-mobile/pin-actions-to-sha
Pin third-party actions to SHAs, bump to current majors, add Dependabot
2 parents eb60679 + eae1071 commit 88c8444

9 files changed

Lines changed: 31 additions & 18 deletions

File tree

.github/dependabot.yml

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,13 @@
1+
version: 2
2+
updates:
3+
- package-ecosystem: "github-actions"
4+
directories:
5+
- "/"
6+
- "/*"
7+
schedule:
8+
interval: "weekly"
9+
cooldown:
10+
default-days: 7
11+
semver-major-days: 30
12+
semver-minor-days: 7
13+
semver-patch-days: 7

idl-upload/action.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,7 @@ runs:
2323
DEPLOY_KEYPAIR: ${{ inputs.keypair }}
2424

2525
- name: Upload IDL
26-
uses: nick-fields/retry@v2
26+
uses: nick-fields/retry@ad984534de44a9489a53aefd81eb77f87c70dc60 # v4.0.0
2727
with:
2828
timeout_minutes: 10
2929
max_attempts: 50

metadata-upload/action.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -45,7 +45,7 @@ runs:
4545
DEPLOY_KEYPAIR: ${{ inputs.keypair }}
4646

4747
- name: Upload metadata
48-
uses: nick-fields/retry@v2
48+
uses: nick-fields/retry@ad984534de44a9489a53aefd81eb77f87c70dc60 # v4.0.0
4949
with:
5050
timeout_minutes: 10
5151
max_attempts: 50

program-upgrade/action.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -67,7 +67,7 @@ runs:
6767
6868
- name: Deploy new program
6969
if: steps.check-program.outputs.exists == 'false'
70-
uses: nick-fields/retry@v2
70+
uses: nick-fields/retry@ad984534de44a9489a53aefd81eb77f87c70dc60 # v4.0.0
7171
with:
7272
timeout_minutes: 10
7373
max_attempts: 3
@@ -83,7 +83,7 @@ runs:
8383
8484
- name: Upgrade existing program
8585
if: steps.check-program.outputs.exists == 'true'
86-
uses: nick-fields/retry@v2
86+
uses: nick-fields/retry@ad984534de44a9489a53aefd81eb77f87c70dc60 # v4.0.0
8787
with:
8888
timeout_minutes: 10
8989
max_attempts: 3

run-tests/action.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ runs:
2020
using: "composite"
2121
steps:
2222
- name: Cache node_modules
23-
uses: actions/cache@v3
23+
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
2424
with:
2525
path: ./node_modules/
2626
key: node-modules-${{ runner.os }}-build-v0.1-${{ inputs.anchor_version }}-${{ inputs.solana_version }}
@@ -30,7 +30,7 @@ runs:
3030
run: yarn install
3131

3232
- name: Cache Cargo dependencies
33-
uses: Swatinem/rust-cache@v2
33+
uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1
3434
with:
3535
cache-directories: |
3636
~/.cargo/registry/index/

setup-all/action.yaml

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ runs:
2929
- run: git submodule update --init --recursive --depth 1
3030
shell: bash
3131

32-
- uses: actions/cache@v4
32+
- uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
3333
if: inputs.solana_version != ''
3434
name: Cache Solana Tool Suite
3535
id: cache-solana
@@ -95,7 +95,7 @@ runs:
9595
echo "Cache key being used: anchor-cli-${{ runner.os }}-v0003-$VERSION"
9696
echo "========================="
9797
98-
- uses: actions/cache@v4
98+
- uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
9999
if: inputs.anchor_version != ''
100100
name: Cache Anchor Cli
101101
id: cache-anchor-cli
@@ -130,7 +130,7 @@ runs:
130130
echo "Cache key being used: solana-verify-${{ runner.os }}-v0001-${{ inputs.verify_version }}"
131131
echo "========================="
132132
133-
- uses: actions/cache@v4
133+
- uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
134134
if: inputs.verify_version != ''
135135
name: Cache Solana Verify
136136
id: cache-solana-verify
@@ -149,12 +149,12 @@ runs:
149149
shell: bash
150150
run: solana-verify --version
151151

152-
- uses: actions/setup-node@v3
152+
- uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
153153
if: inputs.node_version != ''
154154
with:
155155
node-version: ${{ inputs.node_version }}
156156

157-
- uses: actions/cache@v4
157+
- uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
158158
name: Cache Toml Cli
159159
id: cache-toml-cli
160160
with:

write-idl-buffer/action.yaml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -44,7 +44,7 @@ runs:
4444
- name: Write IDL buffer
4545
id: write-buffer
4646
if: steps.check-idl.outputs.exists == 'true'
47-
uses: nick-fields/retry@v2
47+
uses: nick-fields/retry@ad984534de44a9489a53aefd81eb77f87c70dc60 # v4.0.0
4848
with:
4949
timeout_minutes: 5
5050
max_attempts: 3
@@ -75,7 +75,7 @@ runs:
7575
7676
- name: Set Buffer Authority
7777
if: steps.write-buffer.outputs.buffer != ''
78-
uses: nick-fields/retry@v2
78+
uses: nick-fields/retry@ad984534de44a9489a53aefd81eb77f87c70dc60 # v4.0.0
7979
with:
8080
timeout_minutes: 5
8181
max_attempts: 3
@@ -91,7 +91,7 @@ runs:
9191
9292
- name: Set Program IDL Authority
9393
if: steps.write-buffer.outputs.buffer != ''
94-
uses: nick-fields/retry@v2
94+
uses: nick-fields/retry@ad984534de44a9489a53aefd81eb77f87c70dc60 # v4.0.0
9595
with:
9696
timeout_minutes: 5
9797
max_attempts: 3

write-metadata-buffer/action.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -34,7 +34,7 @@ runs:
3434

3535
- name: Create metadata buffer
3636
id: create-buffer
37-
uses: nick-fields/retry@v2
37+
uses: nick-fields/retry@ad984534de44a9489a53aefd81eb77f87c70dc60 # v4.0.0
3838
with:
3939
timeout_minutes: 10
4040
max_attempts: 3
@@ -61,7 +61,7 @@ runs:
6161
6262
- name: Transfer buffer authority
6363
if: steps.create-buffer.outputs.buffer != ''
64-
uses: nick-fields/retry@v2
64+
uses: nick-fields/retry@ad984534de44a9489a53aefd81eb77f87c70dc60 # v4.0.0
6565
with:
6666
timeout_minutes: 5
6767
max_attempts: 3

write-program-buffer/action.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -88,7 +88,7 @@ runs:
8888
8989
- name: Write program buffer
9090
id: write-buffer
91-
uses: nick-fields/retry@v2
91+
uses: nick-fields/retry@ad984534de44a9489a53aefd81eb77f87c70dc60 # v4.0.0
9292
with:
9393
timeout_minutes: 60
9494
max_attempts: 3
@@ -128,7 +128,7 @@ runs:
128128
# If the deploy fails you can also close the buffer with the multisig using the cli command squad-closebuffer
129129
- name: Transfer buffer authority
130130
if: steps.check-program.outputs.exists == 'true'
131-
uses: nick-fields/retry@v2
131+
uses: nick-fields/retry@ad984534de44a9489a53aefd81eb77f87c70dc60 # v4.0.0
132132
with:
133133
timeout_minutes: 10
134134
max_attempts: 50

0 commit comments

Comments
 (0)