From 32a8b09142689a63ad6665575e9c85943ad5be37 Mon Sep 17 00:00:00 2001 From: Knut Ahlers Date: Thu, 1 May 2025 15:52:54 +0200 Subject: [PATCH] Pin action versions Signed-off-by: Knut Ahlers --- .github/workflows/codeql.yml | 45 ++++++++++----------- .github/workflows/docker-publish.yml | 13 +++--- .github/workflows/pr-regen-translations.yml | 9 ++--- .github/workflows/test-and-build.yml | 9 ++--- 4 files changed, 32 insertions(+), 44 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 31f7fa7..44d7ec9 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -1,13 +1,12 @@ --- - -name: "CodeQL" +name: 'CodeQL' on: push: - branches: [ "master" ] + branches: ['master'] pull_request: # The branches below must be a subset of the branches above - branches: [ "master" ] + branches: ['master'] schedule: - cron: '38 21 * * 3' @@ -24,29 +23,27 @@ jobs: strategy: fail-fast: false matrix: - language: [ 'go', 'javascript' ] + language: ['go', 'javascript'] steps: - - name: Checkout repository - uses: actions/checkout@v3 + - name: Checkout repository + uses: actions/checkout@v4.2.2 - - name: Install Go - uses: actions/setup-go@v4 - with: - go-version-file: go.mod + - name: Install Go + uses: actions/setup-go@v5.4.0 + with: + go-version-file: go.mod - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v2 - with: - languages: ${{ matrix.language }} + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v2.21.2 + with: + languages: ${{ matrix.language }} - - name: Autobuild - uses: github/codeql-action/autobuild@v2 + - name: Autobuild + uses: github/codeql-action/autobuild@v2.21.2 - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 - with: - category: "/language:${{matrix.language}}" - -... + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2.21.2 + with: + category: '/language:${{matrix.language}}' diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index ab7a8db..a41975f 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -1,5 +1,4 @@ --- - name: docker-publish on: push: @@ -19,18 +18,18 @@ jobs: steps: - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@v3.6.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v3.10.0 - - uses: actions/checkout@v4 + - uses: actions/checkout@v4.2.2 with: lfs: true show-progress: false - name: Log into registry - uses: docker/login-action@v3 + uses: docker/login-action@v3.4.0 with: registry: ghcr.io username: ${{ github.actor }} @@ -41,11 +40,9 @@ jobs: run: bash ci/docker-gen-tagnames.sh - name: Build and push - uses: docker/build-push-action@v6 + uses: docker/build-push-action@v6.16.0 with: context: . platforms: linux/amd64,linux/arm64 push: true tags: ${{ steps.taggen.outputs.docker_build_tags }} - -... diff --git a/.github/workflows/pr-regen-translations.yml b/.github/workflows/pr-regen-translations.yml index 4d467fc..740c2dd 100644 --- a/.github/workflows/pr-regen-translations.yml +++ b/.github/workflows/pr-regen-translations.yml @@ -1,9 +1,8 @@ --- - name: pull-request-ci on: pull_request_target: - paths: ["i18n.yaml"] + paths: ['i18n.yaml'] jobs: generate-translations: @@ -23,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v4.2.2 with: repository: ${{ github.event.pull_request.head.repo.full_name }} ref: ${{ github.head_ref }} @@ -35,10 +34,8 @@ jobs: working-directory: ./ci/translate run: go run . - - uses: stefanzweifel/git-auto-commit-action@v5 + - uses: stefanzweifel/git-auto-commit-action@v5.2.0 with: commit_author: 'github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>' commit_message: 'CI: Update embedded translations' file_pattern: 'src/langs/langs.js' - -... diff --git a/.github/workflows/test-and-build.yml b/.github/workflows/test-and-build.yml index bb4396f..508abbe 100644 --- a/.github/workflows/test-and-build.yml +++ b/.github/workflows/test-and-build.yml @@ -1,5 +1,4 @@ --- - name: test-and-build on: push: @@ -25,7 +24,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4.2.2 - name: Marking workdir safe run: git config --global --add safe.directory /__w/ots/ots @@ -55,7 +54,7 @@ jobs: grep -q "### Language" translate-issue.md || rm -f translate-issue.md - name: Update Translations Issue - uses: JasonEtco/create-an-issue@v2 + uses: JasonEtco/create-an-issue@v2.9.2 if: github.ref == 'refs/heads/master' && hashFiles('translate-issue.md') != '' env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -78,12 +77,10 @@ jobs: run: 'awk "/^#/ && ++c==2{exit}; /^#/f" "History.md" | tail -n +2 >release_changelog.md' - name: Release - uses: ncipollo/release-action@v1 + uses: ncipollo/release-action@v1.16.0 if: startsWith(github.ref, 'refs/tags/') with: artifacts: '.build/*' bodyFile: release_changelog.md draft: false generateReleaseNotes: false - -...