diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7c74bb2..e5b6349 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -14,14 +14,14 @@ jobs: - name: install dependencies run: sudo apt update -qq && sudo apt -y install libxml2-utils - name: Check out repository code - uses: actions/checkout@v4 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Install PHP - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # master with: php-version: '8.1' coverage: 'none' - name: Cache dependencies - uses: actions/cache@v3 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: path: '~/.cache/composer' key: "cache-composer-${{ hashFiles('composer.json') }}" @@ -63,15 +63,15 @@ jobs: git config --global core.autocrlf false git config --global core.eol lf - name: Check out repository code - uses: actions/checkout@v4 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Install PHP - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # master with: coverage: 'xdebug' php-version: ${{ matrix.php_version }} extensions: ast-1.1.1 - name: Cache dependencies - uses: actions/cache@v3 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: path: '~/.cache/composer' key: "cache-composer-${{ hashFiles('composer.json') }}" @@ -101,17 +101,17 @@ jobs: run: php vendor/bin/phpunit --coverage-clover=coverage.xml --coverage-cobertura=cobertura.xml --log-junit=junit.xml - name: Upload coverage to Codecov if: ${{ matrix.os != 'windows-latest' && matrix.php_version == '8.1' && matrix.dependencies_level != '--prefer-lowest' }} - uses: codecov/codecov-action@v5 + uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1 with: token: ${{ secrets.CODECOV_TOKEN }} - name: Upload test results to Codecov if: ${{ matrix.os != 'windows-latest' && matrix.php_version == '8.1' && matrix.dependencies_level != '--prefer-lowest' }} - uses: codecov/test-results-action@v1 + uses: codecov/test-results-action@47f89e9acb64b76debcd5ea40642d25a4adced9f # v1.1.1 with: token: ${{ secrets.CODECOV_TOKEN }} - name: Upload coverage to Qlty if: ${{ matrix.os != 'windows-latest' && matrix.php_version == '8.1' && matrix.dependencies_level != '--prefer-lowest' }} - uses: qltysh/qlty-action/coverage@v1 + uses: qltysh/qlty-action/coverage@a19242102d17e497f437d7466aa01b528537e899 # v2.2.0 with: token: ${{ secrets.QLTY_COVERAGE_TOKEN }} files: cobertura.xml @@ -125,10 +125,10 @@ jobs: if: always() runs-on: ubuntu-latest steps: - - uses: technote-space/workflow-conclusion-action@v3 + - uses: technote-space/workflow-conclusion-action@45ce8e0eb155657ab8ccf346ade734257fd196a5 # v3.0.3 - name: Post to a Slack channel id: slack - uses: slackapi/slack-github-action@v1.23.0 + uses: slackapi/slack-github-action@91efab103c0de0a537f72a35f6b8cda0ee76bf0a # v2.1.1 with: # Slack channel id, channel name, or user id to post a message. # See also: https://api.slack.com/methods/chat.postMessage#channels diff --git a/.pinact.yaml b/.pinact.yaml new file mode 100644 index 0000000..5c100ff --- /dev/null +++ b/.pinact.yaml @@ -0,0 +1,14 @@ +# yaml-language-server: $schema=https://raw.githubusercontent.com/suzuki-shunsuke/pinact/refs/heads/main/json-schema/pinact.json +# pinact - https://github.com/suzuki-shunsuke/pinact +version: 3 +# files: +# - pattern: action.yaml +# - pattern: */action.yaml + +ignore_actions: +# - name: slsa-framework/slsa-github-generator/\.github/workflows/generator_generic_slsa3\.yml +# ref: v\d+\.\d+\.\d+ +# - name: actions/.* +# ref: main +# - name: suzuki-shunsuke/.* +# ref: release-.*