
Commit 9f11a1b

INTPYTHON-608 Use pinned sources for GitHub Actions (#307)
1 parent 4fe0fc9 commit 9f11a1b


5 files changed

+7
-7
lines changed


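--- a/.github/workflows/benchmark.yml
+++ b/.github/workflows/benchmark.yml
@@ -31,7 +31,7 @@ jobs:
 cache: 'pip'
 cache-dependency-path: '**/setup.cfg'
 - name: Start MongoDB
-uses: supercharge/[email protected]
+uses: supercharge/mongodb-github-action@90004df786821b6308fb02299e5835d0dae05d0d # 1.12.0
 with:
 mongodb-version: 6.0
 - name: Install deps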
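Review bot: `mongodb-version: 6.0` in the `with:` block directly under the newly pinned action is an unquoted YAML float, so the action may receive `6` rather than `6.0`, depending on how the workflow parser stringifies numbers. Quoting it as `mongodb-version: '6.0'` keeps the database version as explicit as the action ref now is. The same quoting would suit `mongodb-version: 4.4` in test-python.yml, although that value is less likely to change when stringified.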

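--- a/.github/workflows/dist-python.yml
+++ b/.github/workflows/dist-python.yml
@@ -65,7 +65,7 @@ jobs:
 
 - name: Set up QEMU
 if: matrix.buildplat[1] == 'manylinux_aarch64'
-uses: docker/setup-qemu-action@v3
+uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3
 with:
 # setup-qemu-action by default uses `tonistiigi/binfmt:latest` image,
 # which is out of date. This causes seg faults during build.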
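Review bot: The trailing comment on the pinned `docker/setup-qemu-action` line records `# v3`, a moving major tag, so it does not say which release the SHA corresponds to, and a reviewer cannot check the pin without looking the commit up. Recording the exact release tag instead, e.g. `uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # <EXACT_RELEASE_TAG>`, makes the pin auditable and gives update tooling that reads the comment a concrete version to bump. The same applies to `# release/v1` (a branch name) on both publish steps in release-python.yml, and to `# v1` and `# v3` in zizmor.yml. benchmark.yml and test-python.yml already record `# 1.12.0`. The step's `with:` block continues outside the hunk.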

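--- a/.github/workflows/release-python.yml
+++ b/.github/workflows/release-python.yml
@@ -88,14 +88,14 @@ jobs:
 name: all-dist-${{ github.run_id }}
 path: dist/
 - name: Publish package distributions to TestPyPI
-uses: pypa/gh-action-pypi-publish@release/v1
+uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # release/v1
 with:
 repository-url: https://test.pypi.org/legacy/
 skip-existing: true
 attestations: ${{ env.DRY_RUN }}
 - name: Publish distribution 📦 to PyPI
 if: startsWith(env.DRY_RUN, 'false')
-uses: pypa/gh-action-pypi-publish@release/v1
+uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # release/v1
 
 post-publish:
 needs: [publish]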

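--- a/.github/workflows/test-python.yml
+++ b/.github/workflows/test-python.yml
@@ -56,7 +56,7 @@ jobs:
 echo "LD_LIBRARY_PATH=$PWD/libbson/lib" >> $GITHUB_ENV
 - name: Start MongoDB on Linux
 if: ${{ startsWith(runner.os, 'Linux') }}
-uses: supercharge/[email protected]
+uses: supercharge/mongodb-github-action@90004df786821b6308fb02299e5835d0dae05d0d # 1.12.0
 with:
 mongodb-version: 4.4
 mongodb-replica-set: test-rs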

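--- a/.github/workflows/zizmor.yml
+++ b/.github/workflows/zizmor.yml
@@ -18,15 +18,15 @@ jobs:
 with:
 persist-credentials: false
 - name: Setup Rust
-uses: actions-rust-lang/setup-rust-toolchain@v1
+uses: actions-rust-lang/setup-rust-toolchain@9d7e65c320fdb52dcd45ffaa68deb6c02c8754d9 # v1
 - name: Get zizmor
 run: cargo install zizmor
 - name: Run zizmor
 run: zizmor --format sarif . > results.sarif
 env:
 GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 - name: Upload SARIF file
-uses: github/codeql-action/upload-sarif@v3
+uses: github/codeql-action/upload-sarif@28deaeda66b76a05916b6923827895f2b14ab387 # v3
 with:
 sarif_file: results.sarif
 category: zizmor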
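Review bot: The `Get zizmor` step between the two newly pinned actions still runs `cargo install zizmor`, which resolves whatever release and dependency set is current at run time. The tool that audits the workflows therefore remains an unpinned input, and the next step runs it with `GH_TOKEN` in its environment. Pinning it, e.g. `run: cargo install zizmor --locked --version <PINNED_VERSION>`, would bring that step in line with the rest of this change. The start of the job is outside the hunk, so its `permissions:` block could not be checked here.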
