Skip to content

Commit f0dfcd5

Browse files
UlisesGasconUlisesGascon
committed
feat: pin github action dependencies
Related NativeScript/nativescript-cli#5880
1 parent 9914454 commit f0dfcd5

File tree

7 files changed

+16
-16
lines changed

7 files changed

+16
-16
lines changed

.github/workflows/apps_automated_android.yml

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -23,25 +23,25 @@ jobs:
2323
runs-on: ubuntu-latest
2424

2525
steps:
26-
- uses: actions/checkout@v4
26+
- uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
2727

2828

29-
- uses: actions/setup-node@v4
29+
- uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
3030
with:
3131
node-version: 23.5.0
3232

3333
- name: Derive appropriate SHAs for base and head for `nx affected` commands
34-
uses: nrwl/nx-set-shas@v4
34+
uses: nrwl/nx-set-shas@826660b82addbef3abff5fa871492ebad618c9e1 # v4.3.3
3535
with:
3636
main-branch-name: 'main'
3737

38-
- uses: actions/setup-java@v4
38+
- uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
3939
with:
4040
distribution: 'temurin'
4141
java-version: '21'
4242

4343
- name: Install Python
44-
uses: actions/setup-python@v5
44+
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
4545
with:
4646
python-version: '3'
4747

@@ -65,7 +65,7 @@ jobs:
6565
sudo udevadm trigger --name-match=kvm
6666
6767
- name: Run tests on Android Emulator
68-
uses: reactivecircus/android-emulator-runner@v2
68+
uses: reactivecircus/android-emulator-runner@1dcd0090116d15e7c562f8db72807de5e036a4ed # v2.34.0
6969
with:
7070
api-level: 34
7171
arch: x86_64

.github/workflows/apps_automated_ios.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -24,17 +24,17 @@ jobs:
2424
runs-on: warp-macos-15-arm64-6x
2525

2626
steps:
27-
- uses: actions/checkout@v4
27+
- uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
2828

2929
# - name: ActionDebugger By Warpbuild
3030
# uses: Warpbuilds/[email protected]
3131

32-
- uses: actions/setup-node@v4
32+
- uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
3333
with:
3434
node-version: 23.5.0
3535

3636
- name: Derive appropriate SHAs for base and head for `nx affected` commands
37-
uses: nrwl/nx-set-shas@v4
37+
uses: nrwl/nx-set-shas@826660b82addbef3abff5fa871492ebad618c9e1 # v4.3.3
3838
with:
3939
main-branch-name: 'main'
4040

@@ -52,7 +52,7 @@ jobs:
5252
run: npx nx run-many --target=test --configuration=ci --projects=core
5353

5454
- name: Start iOS Simulator
55-
uses: futureware-tech/simulator-action@v4
55+
uses: futureware-tech/simulator-action@dab10d813144ef59b48d401cd95da151222ef8cd # v4
5656
with:
5757
model: 'iPhone 16 Pro'
5858
os_version: '18.4'

.github/workflows/npm_release_core.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -19,13 +19,13 @@ jobs:
1919
runs-on: ubuntu-latest
2020

2121
steps:
22-
- uses: actions/checkout@v2
22+
- uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0
2323

2424
- name: Setup
2525
run: npm run setup
2626

2727
- name: Derive appropriate SHAs for base and head for `nx affected` commands
28-
uses: nrwl/nx-set-shas@v4
28+
uses: nrwl/nx-set-shas@826660b82addbef3abff5fa871492ebad618c9e1 # v4.3.3
2929
with:
3030
main-branch-name: 'main'
3131

.github/workflows/npm_release_tns_core.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ jobs:
1818
runs-on: ubuntu-latest
1919

2020
steps:
21-
- uses: actions/checkout@v2
21+
- uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0
2222

2323
- name: Setup
2424
run: npm install

.github/workflows/npm_release_types.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@ jobs:
2121
- name: Todo
2222
run: |
2323
echo "TODO: implement action"
24-
# - uses: actions/checkout@v2
24+
# - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0
2525
#
2626
# - name: Setup
2727
# run: npm install

.github/workflows/npm_release_webpack.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ jobs:
1717
runs-on: ubuntu-latest
1818

1919
steps:
20-
- uses: actions/checkout@v2
20+
- uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0
2121

2222
- name: Setup
2323
run: npm install

.github/workflows/ossf-scorecard.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -73,6 +73,6 @@ jobs:
7373
# Upload the results to GitHub's code scanning dashboard (optional).
7474
# Commenting out will disable upload of results to your repo's Code Scanning dashboard
7575
- name: "Upload to code-scanning"
76-
uses: github/codeql-action/upload-sarif@v3
76+
uses: github/codeql-action/upload-sarif@2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d # v3.30.0
7777
with:
7878
sarif_file: results.sarif

0 commit comments

Comments
 (0)