Skip to content

Commit 9d593f2

Browse files
okwasniewskiokwasniewski
authored
chore(ci): pin GitHub Actions to commit SHAs (#497)
1 parent a66a108 commit 9d593f2

4 files changed

Lines changed: 19 additions & 19 deletions

File tree

.github/actions/setup/action.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,13 +5,13 @@ runs:
55
using: composite
66
steps:
77
- name: Setup Node.js
8-
uses: actions/setup-node@v4
8+
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
99
with:
1010
node-version-file: .nvmrc
1111

1212
- name: Cache dependencies
1313
id: yarn-cache
14-
uses: actions/cache@v4
14+
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
1515
with:
1616
path: |
1717
**/node_modules

.github/workflows/ci.yml

Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ jobs:
1616
runs-on: ubuntu-latest
1717
steps:
1818
- name: Checkout
19-
uses: actions/checkout@v4
19+
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
2020

2121
- name: Setup
2222
uses: ./.github/actions/setup
@@ -31,17 +31,17 @@ jobs:
3131
runs-on: ubuntu-latest
3232
steps:
3333
- name: Checkout Repository
34-
uses: actions/checkout@v2
34+
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
3535
- name: SwiftLint
36-
uses: norio-nomura/action-swiftlint@3.2.1
36+
uses: norio-nomura/action-swiftlint@9f4dcd7fd46b4e75d7935cf2f4df406d5cae3684 # 3.2.1
3737
env:
3838
WORKING_DIRECTORY: Source
3939

4040
build-library:
4141
runs-on: ubuntu-latest
4242
steps:
4343
- name: Checkout
44-
uses: actions/checkout@v4
44+
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
4545

4646
- name: Setup
4747
uses: ./.github/actions/setup
@@ -55,7 +55,7 @@ jobs:
5555
TURBO_CACHE_DIR: .turbo/android
5656
steps:
5757
- name: Checkout
58-
uses: actions/checkout@v4
58+
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
5959

6060
- name: Setup
6161
uses: ./.github/actions/setup
@@ -64,7 +64,7 @@ jobs:
6464
run: yarn build
6565

6666
- name: Cache turborepo for Android
67-
uses: actions/cache@v4
67+
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
6868
with:
6969
path: ${{ env.TURBO_CACHE_DIR }}
7070
key: ${{ runner.os }}-turborepo-android-${{ hashFiles('yarn.lock') }}
@@ -81,7 +81,7 @@ jobs:
8181
8282
- name: Install JDK
8383
if: env.turbo_cache_hit != 1
84-
uses: actions/setup-java@v4
84+
uses: actions/setup-java@f2beeb24e141e01a676f977032f5a29d81c9e27e # v5.1.0
8585
with:
8686
distribution: 'zulu'
8787
java-version: '17'
@@ -93,7 +93,7 @@ jobs:
9393
9494
- name: Cache Gradle
9595
if: env.turbo_cache_hit != 1
96-
uses: actions/cache@v4
96+
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
9797
with:
9898
path: |
9999
~/.gradle/wrapper
@@ -115,7 +115,7 @@ jobs:
115115
TURBO_CACHE_DIR: .turbo/ios
116116
steps:
117117
- name: Checkout
118-
uses: actions/checkout@v4
118+
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
119119

120120
- name: Setup
121121
uses: ./.github/actions/setup
@@ -124,7 +124,7 @@ jobs:
124124
run: yarn build
125125

126126
- name: Cache turborepo for iOS
127-
uses: actions/cache@v4
127+
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
128128
with:
129129
path: ${{ env.TURBO_CACHE_DIR }}
130130
key: ${{ runner.os }}-turborepo-ios-${{ hashFiles('yarn.lock') }}

.github/workflows/deploy-docs.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -21,14 +21,14 @@ jobs:
2121
runs-on: ubuntu-latest
2222
steps:
2323
- name: Checkout
24-
uses: actions/checkout@v4
24+
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
2525
with:
2626
fetch-depth: 0 # Not needed if lastUpdated is not enabled
2727
- name: Setup
2828
uses: ./.github/actions/setup
2929

3030
- name: Setup Pages
31-
uses: actions/configure-pages@v5
31+
uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5.0.0
3232

3333
- name: Install dependencies
3434
working-directory: docs
@@ -40,7 +40,7 @@ jobs:
4040
yarn run build
4141
4242
- name: Upload artifact
43-
uses: actions/upload-pages-artifact@v3
43+
uses: actions/upload-pages-artifact@7b1f4a764d45c48632c6b24a0339c27f5614fb0b # v4.0.0
4444
with:
4545
path: docs/doc_build
4646

@@ -55,4 +55,4 @@ jobs:
5555
steps:
5656
- name: Deploy to GitHub Pages
5757
id: deployment
58-
uses: actions/deploy-pages@v4
58+
uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5

.github/workflows/release.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -17,18 +17,18 @@ jobs:
1717
runs-on: ubuntu-latest
1818
steps:
1919
- name: Checkout Repo
20-
uses: actions/checkout@v4
20+
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
2121

2222
- name: Setup Node.js 20
23-
uses: actions/setup-node@v4
23+
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
2424
with:
2525
node-version: 20
2626

2727
- name: Install Dependencies
2828
run: yarn
2929

3030
- name: Create Release Pull Request or Publish to NPM
31-
uses: changesets/action@v1
31+
uses: changesets/action@e0145edc7d9d8679003495b11f87bd8ef63c0cba # v1.5.3
3232
with:
3333
version: yarn version-packages
3434
publish: yarn publish-packages

0 commit comments

Comments
 (0)