diff --git a/.github/workflows/auto-assign-author.yaml b/.github/workflows/auto-assign-author.yaml index ce300cc..331ba55 100644 --- a/.github/workflows/auto-assign-author.yaml +++ b/.github/workflows/auto-assign-author.yaml @@ -10,6 +10,6 @@ jobs: pull-requests: write runs-on: ubuntu-latest steps: - - uses: toshimaru/auto-author-assign@ebd30f10fb56e46eb0759a14951f36991426fed0 # v2.1.0 + - uses: toshimaru/auto-author-assign@16f0022cf3d7970c106d8d1105f75a1165edb516 # v2.1.1 with: repo-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index b3a43c4..bf2e24c 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -22,14 +22,14 @@ jobs: language: ['typescript', 'javascript'] steps: - name: Checkout repository - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 - name: Initialize CodeQL - uses: github/codeql-action/init@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3 + uses: github/codeql-action/init@f779452ac5af1c261dce0346a8f964149f49322b # v3 with: languages: ${{ matrix.language }} - name: Autobuild - uses: github/codeql-action/autobuild@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3 + uses: github/codeql-action/autobuild@f779452ac5af1c261dce0346a8f964149f49322b # v3 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3 + uses: github/codeql-action/analyze@f779452ac5af1c261dce0346a8f964149f49322b # v3 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index cee9db5..f92396e 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -15,10 +15,10 @@ jobs: changed: ${{ steps.check.outputs.changed }} version: ${{ steps.check.outputs.version }} steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 - name: Check if version has been updated id: check - uses: EndBug/version-check@d4be4219408b50d1bbbfd350a47cbcb126878692 # v2 + uses: EndBug/version-check@36ff30f37c7deabe56a30caa043d127be658c425 # v2 with: static-checking: localIsNew file-url: https://unpkg.com/@procore/js-sdk/package.json @@ -34,9 +34,9 @@ jobs: env: NODE_VERSION: 20 steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 - name: Set up node - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4 + uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4 with: node-version: ${{ env.NODE_VERSION }} registry-url: 'https://registry.npmjs.org' @@ -49,7 +49,7 @@ jobs: env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - name: Tag the release - uses: anothrNick/github-tag-action@a2c70ae13a881faf2b4953baaa9e49731997ab36 # 1.67.0 + uses: anothrNick/github-tag-action@f278d49d30cdd8775cc3e7dd00b5ee11686ee297 # 1.71.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} CUSTOM_TAG: v${{ needs.version-check.outputs.version }} diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index dca1364..0d7fa87 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -15,9 +15,9 @@ jobs: # https://docs.github.com/en/actions/learn-github-actions/expressions#example runs-on: ubuntu-latest steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 - name: Set up node ${{ matrix.node }} - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4 + uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4 with: node-version: ${{ matrix.node}} cache: 'yarn'