File tree Expand file tree Collapse file tree 5 files changed +7
-7
lines changed Expand file tree Collapse file tree 5 files changed +7
-7
lines changed Original file line number Diff line number Diff line change 31
31
cache : ' pip'
32
32
cache-dependency-path : ' **/setup.cfg'
33
33
- name : Start MongoDB
34
- uses :
supercharge/[email protected]
34
+ uses : supercharge/mongodb-github-action@90004df786821b6308fb02299e5835d0dae05d0d # 1.12.0
35
35
with :
36
36
mongodb-version : 6.0
37
37
- name : Install deps
Original file line number Diff line number Diff line change 65
65
66
66
- name : Set up QEMU
67
67
if : matrix.buildplat[1] == 'manylinux_aarch64'
68
- uses : docker/setup-qemu-action@v3
68
+ uses : docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3
69
69
with :
70
70
# setup-qemu-action by default uses `tonistiigi/binfmt:latest` image,
71
71
# which is out of date. This causes seg faults during build.
Original file line number Diff line number Diff line change @@ -88,14 +88,14 @@ jobs:
88
88
name : all-dist-${{ github.run_id }}
89
89
path : dist/
90
90
- name : Publish package distributions to TestPyPI
91
- uses : pypa/gh-action-pypi-publish@release/v1
91
+ uses : pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # release/v1
92
92
with :
93
93
repository-url : https://test.pypi.org/legacy/
94
94
skip-existing : true
95
95
attestations : ${{ env.DRY_RUN }}
96
96
- name : Publish distribution 📦 to PyPI
97
97
if : startsWith(env.DRY_RUN, 'false')
98
- uses : pypa/gh-action-pypi-publish@release/v1
98
+ uses : pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # release/v1
99
99
100
100
post-publish :
101
101
needs : [publish]
Original file line number Diff line number Diff line change 56
56
echo "LD_LIBRARY_PATH=$PWD/libbson/lib" >> $GITHUB_ENV
57
57
- name : Start MongoDB on Linux
58
58
if : ${{ startsWith(runner.os, 'Linux') }}
59
- uses :
supercharge/[email protected]
59
+ uses : supercharge/mongodb-github-action@90004df786821b6308fb02299e5835d0dae05d0d # 1.12.0
60
60
with :
61
61
mongodb-version : 4.4
62
62
mongodb-replica-set : test-rs
Original file line number Diff line number Diff line change @@ -18,15 +18,15 @@ jobs:
18
18
with :
19
19
persist-credentials : false
20
20
- name : Setup Rust
21
- uses : actions-rust-lang/setup-rust-toolchain@v1
21
+ uses : actions-rust-lang/setup-rust-toolchain@9d7e65c320fdb52dcd45ffaa68deb6c02c8754d9 # v1
22
22
- name : Get zizmor
23
23
run : cargo install zizmor
24
24
- name : Run zizmor
25
25
run : zizmor --format sarif . > results.sarif
26
26
env :
27
27
GH_TOKEN : ${{ secrets.GITHUB_TOKEN }}
28
28
- name : Upload SARIF file
29
- uses : github/codeql-action/upload-sarif@v3
29
+ uses : github/codeql-action/upload-sarif@28deaeda66b76a05916b6923827895f2b14ab387 # v3
30
30
with :
31
31
sarif_file : results.sarif
32
32
category : zizmor
You can’t perform that action at this time.
0 commit comments