Skip to content

Commit 1e769f0

Browse files
theofidrytheofidry
committed
Merge remote-tracking branch 'upstream/main' into ci/php84
2 parents 27150e5 + c2c1a16 commit 1e769f0

File tree

11 files changed

+145
-128
lines changed

11 files changed

+145
-128
lines changed

.github/actions/install-tool/action.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ runs:
1616
using: composite
1717
steps:
1818
- name: Install PHP-CS-Fixer
19-
uses: ramsey/composer-install@v2
19+
uses: ramsey/composer-install@1919f6c305aea6ab10e6181a8ddf72317ad77e0e # 2.3.1
2020
with:
2121
working-directory: 'vendor-bin/${{ inputs.vendor-bin-tool }}'
2222

.github/actions/install-vendor/action.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,6 @@ runs:
2020
shell: sh
2121

2222
- name: Install Composer dependencies
23-
uses: ramsey/composer-install@v2
23+
uses: ramsey/composer-install@1919f6c305aea6ab10e6181a8ddf72317ad77e0e # 2.3.1
2424
with:
25-
dependency-versions: ${{ inputs.dependency-versions }}
25+
dependency-versions: ${{ inputs.dependency-versions }}

.github/dependabot.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,7 @@ updates:
3939
- "*"
4040

4141
- package-ecosystem: "github-actions"
42-
directory: ".github/workflows"
42+
directory: ".github"
4343
schedule:
4444
interval: "weekly"
4545
groups:

.github/workflows/composer-root-version.yaml

Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -19,10 +19,10 @@ jobs:
1919
name: Lint CS
2020
steps:
2121
- name: Checkout
22-
uses: actions/checkout@v4
22+
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
2323

2424
- name: Setup PHP
25-
uses: shivammathur/setup-php@v2
25+
uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # 2.36.0
2626
with:
2727
php-version: '8.2'
2828
tools: composer
@@ -41,7 +41,7 @@ jobs:
4141
makefile-command: php_cs_fixer_install
4242

4343
- name: Install the Composer dependencies
44-
uses: ramsey/composer-install@v3
44+
uses: ramsey/composer-install@3cf229dc2919194e9e36783941438d17239e8520 # 3.1.1
4545
with:
4646
working-directory: 'composer-root-version-checker'
4747

@@ -58,16 +58,16 @@ jobs:
5858

5959
steps:
6060
- name: Checkout
61-
uses: actions/checkout@v4
61+
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
6262

6363
- name: Setup PHP
64-
uses: shivammathur/setup-php@v2
64+
uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # 2.36.0
6565
with:
6666
php-version: "${{ matrix.php }}"
6767
tools: composer
6868

6969
- name: Install the Composer dependencies
70-
uses: ramsey/composer-install@v3
70+
uses: ramsey/composer-install@3cf229dc2919194e9e36783941438d17239e8520 # 3.1.1
7171
with:
7272
working-directory: 'composer-root-version-checker'
7373

@@ -99,21 +99,21 @@ jobs:
9999
runs-on: ubuntu-latest
100100
steps:
101101
- name: Checkout
102-
uses: actions/checkout@v4
102+
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
103103
with:
104104
ref: ${{ github.head_ref }}
105105
fetch-depth: '0' # Ensures the tags are fetched
106106
token: ${{ secrets.GITHUB_TOKEN }}
107107

108108
- name: Setup PHP
109-
uses: shivammathur/setup-php@v2
109+
uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # 2.36.0
110110
with:
111111
php-version: '8.4'
112112
tools: composer
113113
coverage: none
114114

115115
- name: Install the Composer dependencies
116-
uses: ramsey/composer-install@v3
116+
uses: ramsey/composer-install@3cf229dc2919194e9e36783941438d17239e8520 # 3.1.1
117117
with:
118118
working-directory: 'composer-root-version-checker'
119119

@@ -132,7 +132,7 @@ jobs:
132132
133133
- name: Create Pull Request
134134
if: env.composer_root_version_changed == 'true'
135-
uses: peter-evans/create-pull-request@v7
135+
uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725 # v8.0.0
136136
with:
137137
token: ${{ secrets.GITHUB_TOKEN }}
138138
branch-suffix: random

.github/workflows/e2e-tests.yaml

Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -28,12 +28,12 @@ jobs:
2828
- '8.4'
2929
steps:
3030
- name: Checkout
31-
uses: actions/checkout@v4
31+
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
3232
with:
3333
fetch-depth: 0
3434

3535
- name: Setup PHP
36-
uses: shivammathur/setup-php@v2
36+
uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # 2.36.0
3737
with:
3838
php-version: ${{ matrix.php }}
3939
ini-values: phar.readonly=0
@@ -50,7 +50,7 @@ jobs:
5050
- name: Ensure the PHAR works
5151
run: bin/php-scoper.phar --version
5252

53-
- uses: actions/upload-artifact@v4
53+
- uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
5454
name: Upload the PHAR artifact
5555
with:
5656
name: php-scoper-phar-${{ matrix.php }}
@@ -104,12 +104,12 @@ jobs:
104104

105105
steps:
106106
- name: Checkout
107-
uses: actions/checkout@v4
107+
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
108108
with:
109109
fetch-depth: 0
110110

111111
- name: Setup PHP
112-
uses: shivammathur/setup-php@v2
112+
uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # 2.36.0
113113
with:
114114
php-version: ${{ matrix.php }}
115115
ini-values: phar.readonly=0
@@ -123,7 +123,7 @@ jobs:
123123
uses: ./.github/actions/install-vendor
124124

125125
- name: Retrieve built PHAR
126-
uses: actions/download-artifact@v4
126+
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.037930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
127127
with:
128128
name: php-scoper-phar-${{ matrix.php }}
129129
path: bin
@@ -167,13 +167,13 @@ jobs:
167167

168168
steps:
169169
- name: Checkout PHPUnit code
170-
uses: actions/checkout@v4
170+
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
171171
with:
172172
repository: 'sebastianbergmann/phpunit'
173173

174174

175175
- name: Install PHP with extensions
176-
uses: shivammathur/setup-php@v2
176+
uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # 2.36.0
177177
with:
178178
php-version: ${{ matrix.php-version }}
179179
coverage: ${{ matrix.coverage }}
@@ -182,13 +182,13 @@ jobs:
182182
tools: none
183183

184184
- name: Install java
185-
uses: actions/setup-java@v4
185+
uses: actions/setup-java@f2beeb24e141e01a676f977032f5a29d81c9e27e # v5.1.0
186186
with:
187187
distribution: zulu
188188
java-version: 11
189189

190190
- name: Retrieve built PHP-Scoper PHAR
191-
uses: actions/download-artifact@v4
191+
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.037930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
192192
with:
193193
name: php-scoper-phar-${{ matrix.php-version }}
194194
path: bin

.github/workflows/lint.yaml

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -19,10 +19,10 @@ jobs:
1919
name: CS
2020
steps:
2121
- name: Checkout
22-
uses: actions/checkout@v4
22+
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
2323

2424
- name: Setup PHP
25-
uses: shivammathur/setup-php@v2
25+
uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # 2.36.0
2626
with:
2727
php-version: '8.2'
2828
tools: composer
@@ -43,10 +43,10 @@ jobs:
4343
name: PHPStan
4444
steps:
4545
- name: Checkout
46-
uses: actions/checkout@v4
46+
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
4747

4848
- name: Setup PHP
49-
uses: shivammathur/setup-php@v2
49+
uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # 2.36.0
5050
with:
5151
php-version: '8.4'
5252
tools: composer
@@ -67,10 +67,10 @@ jobs:
6767
name: Rector
6868
steps:
6969
- name: Checkout
70-
uses: actions/checkout@v4
70+
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
7171

7272
- name: Setup PHP
73-
uses: shivammathur/setup-php@v2
73+
uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # 2.36.0
7474
with:
7575
php-version: '8.2'
7676
tools: composer

.github/workflows/release.yaml

Lines changed: 15 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -25,12 +25,12 @@ jobs:
2525
name: Build PHAR
2626
steps:
2727
- name: Checkout
28-
uses: actions/checkout@v4
28+
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
2929
with:
3030
fetch-depth: 0
3131

3232
- name: Setup PHP
33-
uses: shivammathur/setup-php@v2
33+
uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # 2.36.0
3434
with:
3535
php-version: '8.2'
3636
ini-values: phar.readonly=0
@@ -52,7 +52,7 @@ jobs:
5252

5353
- name: Import GPG key
5454
if: github.event_name == 'release'
55-
uses: crazy-max/ghaction-import-gpg@v6
55+
uses: crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec # v6.3.0
5656
with:
5757
gpg_private_key: ${{ secrets.GPG_KEY_74A754C9778AA03AA451D1C1A000F927D67184EE }}
5858
passphrase: ${{ secrets.GPG_KEY_74A754C9778AA03AA451D1C1A000F927D67184EE_PASSPHRASE }}
@@ -69,7 +69,7 @@ jobs:
6969
bin/php-scoper.phar
7070
7171
- name: Upload the PHAR artifact
72-
uses: actions/upload-artifact@v4
72+
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
7373
with:
7474
name: php-scoper-phar
7575
path: |
@@ -85,13 +85,13 @@ jobs:
8585
permissions:
8686
contents: write
8787
steps:
88-
- uses: actions/download-artifact@v4
88+
- uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
8989
with:
9090
name: php-scoper-phar
9191
path: .
9292

9393
- name: Upload php-scoper.phar
94-
uses: softprops/action-gh-release@v2
94+
uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2.5.0
9595
with:
9696
token: ${{ secrets.GITHUB_TOKEN }}
9797
files: |
@@ -105,14 +105,14 @@ jobs:
105105
- build-phar
106106
steps:
107107
- name: Checkout
108-
uses: actions/checkout@v4
108+
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
109109

110110
- name: Setup PHP
111-
uses: shivammathur/setup-php@v2
111+
uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # 2.36.0
112112
with:
113113
php-version: '8.2'
114114

115-
- uses: actions/download-artifact@v4
115+
- uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
116116
with:
117117
name: php-scoper-phar
118118
path: .
@@ -126,14 +126,14 @@ jobs:
126126
./bin/php-scoper.phar --ansi --version
127127
128128
- name: Set up QEMU
129-
uses: docker/setup-qemu-action@v3
129+
uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0
130130

131131
- name: Set up Docker Buildx
132-
uses: docker/setup-buildx-action@v3
132+
uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
133133

134134
- name: Login to Docker Container Registry
135135
if: github.event_name == 'release'
136-
uses: docker/login-action@v3
136+
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
137137
with:
138138
username: ${{ env.DOCKERHUB_USERNAME }}
139139
password: ${{ secrets.DOCKERHUB_TOKEN }}
@@ -153,7 +153,7 @@ jobs:
153153
154154
- name: Login to GitHub Container Registry
155155
if: github.event_name != 'release'
156-
uses: docker/login-action@v3
156+
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
157157
with:
158158
registry: ghcr.io
159159
username: ${{ github.actor }}
@@ -166,7 +166,7 @@ jobs:
166166
echo "DOCKER_TEST_TAG=ghcr.io/humbugphp/php-scoper" >> $GITHUB_ENV
167167
168168
- name: Build and export to Docker
169-
uses: docker/build-push-action@v6
169+
uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
170170
with:
171171
context: .
172172
file: ${{ env.DOCKERFILE }}
@@ -179,7 +179,7 @@ jobs:
179179

180180
- name: Build and push
181181
if: github.event_name == 'release'
182-
uses: docker/build-push-action@v6
182+
uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
183183
with:
184184
context: .
185185
file: ${{ env.DOCKERFILE }}

.github/workflows/security.yaml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -21,16 +21,16 @@ jobs:
2121
name: Check Dependencies
2222
steps:
2323
- name: Checkout
24-
uses: actions/checkout@v4
24+
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
2525
with:
2626
fetch-depth: 0
2727

2828
- name: Cache the vulnerability database
29-
uses: actions/cache@v4
29+
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
3030
id: cache-db
3131
with:
3232
path: ~/.symfony/cache
3333
key: db
3434

3535
- name: Checks dependencies for known vulnerabilities
36-
uses: symfonycorp/security-checker-action@v5
36+
uses: symfonycorp/security-checker-action@258311ef7ac571f1310780ef3d79fc5abef642b5 # v5

0 commit comments

Comments
 (0)