From 2c13683eb3fe2882f7a3978e4f8dd1b462b67c21 Mon Sep 17 00:00:00 2001 From: Clement Tsang <34804052+ClementTsang@users.noreply.github.com> Date: Thu, 11 May 2023 00:42:39 -0400 Subject: ci: pin and update some workflow actions (#1145) * ci: pin and update some workflow actions * also update setup-python * and rust-toolchain --- .github/workflows/audit.yml | 6 +++--- .github/workflows/build_releases.yml | 14 +++++++------- .github/workflows/ci.yml | 8 ++++---- .github/workflows/clear-workflow-cache.yml | 2 +- .github/workflows/coverage.yml | 4 ++-- .github/workflows/deployment.yml | 10 +++++----- .github/workflows/docs.yml | 4 ++-- .github/workflows/nightly.yml | 2 +- .github/workflows/post-release.yml | 6 +++--- .github/workflows/test-docs.yml | 4 ++-- 10 files changed, 30 insertions(+), 30 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 4b2bf5a7..1dde4ec8 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -11,10 +11,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - name: Set up Rust toolchain - uses: dtolnay/rust-toolchain@ba37adf8f94a7d9affce79bd3baff1b9e3189c33 # https://github.com/dtolnay/rust-toolchain/commit/ba37adf8f94a7d9affce79bd3baff1b9e3189c33 + uses: dtolnay/rust-toolchain@b44cb146d03e8d870c57ab64b80f04586349ca5d with: toolchain: stable @@ -22,6 +22,6 @@ jobs: run: | cargo install cargo-audit --locked - - uses: rustsec/audit-check@bb800784d9c5b0afa352b75dae201bf2e438960a # https://github.com/rustsec/audit-check/commit/bb800784d9c5b0afa352b75dae201bf2e438960a + - uses: rustsec/audit-check@dd51754d4e59da7395a4cd9b593f0ff2d61a9b95 # v1.4.1 with: token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/build_releases.yml b/.github/workflows/build_releases.yml index 50598004..0232a863 100644 --- a/.github/workflows/build_releases.yml +++ b/.github/workflows/build_releases.yml @@ -122,13 +122,13 @@ jobs: } steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: fetch-depth: 1 - name: Set up Rust toolchain if: matrix.info.container == '' - uses: dtolnay/rust-toolchain@ba37adf8f94a7d9affce79bd3baff1b9e3189c33 # https://github.com/dtolnay/rust-toolchain/commit/ba37adf8f94a7d9affce79bd3baff1b9e3189c33 + uses: dtolnay/rust-toolchain@b44cb146d03e8d870c57ab64b80f04586349ca5d with: toolchain: stable target: ${{ matrix.info.target }} @@ -208,7 +208,7 @@ jobs: runs-on: "windows-2019" steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: fetch-depth: 1 @@ -222,7 +222,7 @@ jobs: args: install -y wixtoolset - name: Set up Rust toolchain - uses: dtolnay/rust-toolchain@ba37adf8f94a7d9affce79bd3baff1b9e3189c33 # https://github.com/dtolnay/rust-toolchain/commit/ba37adf8f94a7d9affce79bd3baff1b9e3189c33 + uses: dtolnay/rust-toolchain@b44cb146d03e8d870c57ab64b80f04586349ca5d with: toolchain: stable target: x86_64-pc-windows-msvc @@ -254,7 +254,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: fetch-depth: 0 @@ -316,12 +316,12 @@ jobs: } steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: fetch-depth: 1 - name: Set up Rust toolchain - uses: dtolnay/rust-toolchain@ba37adf8f94a7d9affce79bd3baff1b9e3189c33 # https://github.com/dtolnay/rust-toolchain/commit/ba37adf8f94a7d9affce79bd3baff1b9e3189c33 + uses: dtolnay/rust-toolchain@b44cb146d03e8d870c57ab64b80f04586349ca5d with: toolchain: stable target: ${{ matrix.info.target }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index cf35df72..5df4f601 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -87,10 +87,10 @@ jobs: features: ["--all-features", "--no-default-features"] steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - name: Set up Rust toolchain - uses: dtolnay/rust-toolchain@ba37adf8f94a7d9affce79bd3baff1b9e3189c33 # https://github.com/dtolnay/rust-toolchain/commit/ba37adf8f94a7d9affce79bd3baff1b9e3189c33 + uses: dtolnay/rust-toolchain@b44cb146d03e8d870c57ab64b80f04586349ca5d with: toolchain: stable components: rustfmt, clippy @@ -232,10 +232,10 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - name: Set up Rust toolchain - uses: dtolnay/rust-toolchain@ba37adf8f94a7d9affce79bd3baff1b9e3189c33 # https://github.com/dtolnay/rust-toolchain/commit/ba37adf8f94a7d9affce79bd3baff1b9e3189c33 + uses: dtolnay/rust-toolchain@b44cb146d03e8d870c57ab64b80f04586349ca5d with: toolchain: ${{ matrix.info.rust }} target: ${{ matrix.info.target }} diff --git a/.github/workflows/clear-workflow-cache.yml b/.github/workflows/clear-workflow-cache.yml index 7fce00ae..2b096129 100644 --- a/.github/workflows/clear-workflow-cache.yml +++ b/.github/workflows/clear-workflow-cache.yml @@ -22,7 +22,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: fetch-depth: 1 diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index f1550500..ad6f9bbf 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -48,10 +48,10 @@ jobs: - { os: "windows-2019", target: "x86_64-pc-windows-msvc" } steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - name: Set up Rust toolchain - uses: dtolnay/rust-toolchain@ba37adf8f94a7d9affce79bd3baff1b9e3189c33 # https://github.com/dtolnay/rust-toolchain/commit/ba37adf8f94a7d9affce79bd3baff1b9e3189c33 + uses: dtolnay/rust-toolchain@b44cb146d03e8d870c57ab64b80f04586349ca5d with: toolchain: stable diff --git a/.github/workflows/deployment.yml b/.github/workflows/deployment.yml index f9566f8e..9300edb4 100644 --- a/.github/workflows/deployment.yml +++ b/.github/workflows/deployment.yml @@ -62,12 +62,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: fetch-depth: 1 - name: Get release version - uses: actions/download-artifact@v3 + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: release-version path: release-version @@ -83,7 +83,7 @@ jobs: echo "Release version: ${{ env.RELEASE_VERSION }}" - name: Get release artifacts - uses: actions/download-artifact@v3 + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: release path: release @@ -111,7 +111,7 @@ jobs: needs: [generate-choco, build-release] steps: - name: Get release version - uses: actions/download-artifact@v3 + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: release-version path: release-version @@ -127,7 +127,7 @@ jobs: echo "Release version: ${{ env.RELEASE_VERSION }}" - name: Get release artifacts - uses: actions/download-artifact@v3 + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: release path: release diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 1ae54f73..9c21170c 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -21,11 +21,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: fetch-depth: 0 - - uses: actions/setup-python@v4.5.0 + - uses: actions/setup-python@57ded4d7d5e986d7296eab16560982c6dd7c923b # v4.6.0 with: python-version: 3.11 diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 2b05204d..b62244f0 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -50,7 +50,7 @@ jobs: needs: [build-release] steps: - name: Get release artifacts - uses: actions/download-artifact@v3 + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: release path: release diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index 26b6e7a4..2796557c 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: fetch-depth: 0 @@ -35,7 +35,7 @@ jobs: exit 1 fi - - uses: actions/setup-python@v4.5.0 + - uses: actions/setup-python@57ded4d7d5e986d7296eab16560982c6dd7c923b # v4.6.0 with: python-version: 3.11 @@ -66,7 +66,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - name: Set env run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV diff --git a/.github/workflows/test-docs.yml b/.github/workflows/test-docs.yml index acbce283..5927e721 100644 --- a/.github/workflows/test-docs.yml +++ b/.github/workflows/test-docs.yml @@ -29,11 +29,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: fetch-depth: 0 - - uses: actions/setup-python@v4.5.0 + - uses: actions/setup-python@57ded4d7d5e986d7296eab16560982c6dd7c923b # v4.6.0 with: python-version: 3.11 -- cgit v1.2.3