From 4f693aeaf3500e5c5e9c38f6093a7e1b83eb6f54 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 14 Nov 2025 18:35:35 +0100 Subject: [PATCH] chore(deps): pin dependencies (#1478) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .../check_config_creation_if_not_exists.yml | 2 +- .github/workflows/check_i18n.yml | 2 +- .../check_security_vulnerability.yml | 4 ++-- .github/workflows/ci.yml | 6 +++--- .github/workflows/create_release_assets.yml | 8 ++++---- .github/workflows/dependency-review.yml | 2 +- .github/workflows/lint_pr.yml | 2 +- .github/workflows/release-plz.yml | 8 ++++---- .github/workflows/release_to_pypi.yml | 20 +++++++++---------- .github/workflows/scorecards.yml | 6 +++--- 10 files changed, 30 insertions(+), 30 deletions(-) diff --git a/.github/workflows/check_config_creation_if_not_exists.yml b/.github/workflows/check_config_creation_if_not_exists.yml index b6c1d8d8..2c998e47 100644 --- a/.github/workflows/check_config_creation_if_not_exists.yml +++ b/.github/workflows/check_config_creation_if_not_exists.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5.0.0 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/check_i18n.yml b/.github/workflows/check_i18n.yml index 41c5a4c2..ac2077c1 100644 --- a/.github/workflows/check_i18n.yml +++ b/.github/workflows/check_i18n.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v5.0.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/check_security_vulnerability.yml b/.github/workflows/check_security_vulnerability.yml index c7ed3a1d..bc862770 100644 --- a/.github/workflows/check_security_vulnerability.yml +++ b/.github/workflows/check_security_vulnerability.yml @@ -24,7 +24,7 @@ jobs: security-events: write steps: - name: Checkout code - uses: actions/checkout@v5.0.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -32,6 +32,6 @@ jobs: uses: microsoft/DevSkim-Action@4b5047945a44163b94642a1cecc0d93a3f428cc6 # v1.0.16 - name: Upload DevSkim scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v4.31.2 + uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 with: sarif_file: devskim-results.sarif diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b9260681..ebf1f3d2 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -23,7 +23,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v5.0.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -39,7 +39,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v5.0.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -135,7 +135,7 @@ jobs: matrix_target: ${{ matrix.target }} steps: - name: Checkout code - uses: actions/checkout@v5.0.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/create_release_assets.yml b/.github/workflows/create_release_assets.yml index 30927a25..9b106cc5 100644 --- a/.github/workflows/create_release_assets.yml +++ b/.github/workflows/create_release_assets.yml @@ -33,7 +33,7 @@ jobs: env: tag: ${{ github.event.client_payload.tag }} steps: - - uses: actions/checkout@v5.0.0 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -137,7 +137,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Generate artifact attestations - uses: actions/attest-build-provenance@v3.0.0 + uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0 with: subject-path: assets/* @@ -169,7 +169,7 @@ jobs: matrix_target: ${{ matrix.target }} tag: ${{ github.event.client_payload.tag }} steps: - - uses: actions/checkout@v5.0.0 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -284,7 +284,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Generate artifact attestations - uses: actions/attest-build-provenance@v3.0.0 + uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0 with: subject-path: assets/* diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 2fe10a30..63f9132b 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: 'Checkout Repository' - uses: actions/checkout@v5.0.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/lint_pr.yml b/.github/workflows/lint_pr.yml index 65e72ee9..2d3690a7 100644 --- a/.github/workflows/lint_pr.yml +++ b/.github/workflows/lint_pr.yml @@ -14,6 +14,6 @@ jobs: permissions: pull-requests: read steps: - - uses: amannn/action-semantic-pull-request@v6.1.1 + - uses: amannn/action-semantic-pull-request@48f256284bd46cdaab1048c3721360e808335d50 # v6.1.1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/release-plz.yml b/.github/workflows/release-plz.yml index ee74d0ff..1dbef43c 100644 --- a/.github/workflows/release-plz.yml +++ b/.github/workflows/release-plz.yml @@ -17,7 +17,7 @@ jobs: id-token: write # For trusted publishing steps: - name: Checkout repository - uses: actions/checkout@v5 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 with: fetch-depth: 0 persist-credentials: false @@ -25,7 +25,7 @@ jobs: uses: dtolnay/rust-toolchain@stable - name: Run release-plz id: release-plz - uses: release-plz/action@v0.5 + uses: release-plz/action@d529f731ae3e89610ada96eda34e5c6ba3b12214 # v0.5 with: command: release env: @@ -53,14 +53,14 @@ jobs: cancel-in-progress: false steps: - name: Checkout repository - uses: actions/checkout@v5 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 with: fetch-depth: 0 persist-credentials: false - name: Install Rust toolchain uses: dtolnay/rust-toolchain@stable - name: Run release-plz - uses: release-plz/action@v0.5 + uses: release-plz/action@d529f731ae3e89610ada96eda34e5c6ba3b12214 # v0.5 with: command: release-pr env: diff --git a/.github/workflows/release_to_pypi.yml b/.github/workflows/release_to_pypi.yml index 41daf90d..0c421115 100644 --- a/.github/workflows/release_to_pypi.yml +++ b/.github/workflows/release_to_pypi.yml @@ -15,7 +15,7 @@ jobs: matrix: target: [x86_64, x86, aarch64] steps: - - uses: actions/checkout@v5.0.0 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -26,7 +26,7 @@ jobs: args: --release --out dist manylinux: auto - name: Upload wheels - uses: actions/upload-artifact@v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: wheels-linux-${{ matrix.target }} path: dist @@ -37,7 +37,7 @@ jobs: matrix: target: [x64, x86] steps: - - uses: actions/checkout@v5.0.0 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -47,7 +47,7 @@ jobs: target: ${{ matrix.target }} args: --release --out dist - name: Upload wheels - uses: actions/upload-artifact@v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: wheels-windows-${{ matrix.target }} path: dist @@ -58,7 +58,7 @@ jobs: matrix: target: [x86_64, aarch64] steps: - - uses: actions/checkout@v5.0.0 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -68,7 +68,7 @@ jobs: target: ${{ matrix.target }} args: --release --out dist - name: Upload wheels - uses: actions/upload-artifact@v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: wheels-macos-${{ matrix.target }} path: dist @@ -76,7 +76,7 @@ jobs: sdist: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5.0.0 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -86,7 +86,7 @@ jobs: command: sdist args: --out dist - name: Upload sdist - uses: actions/upload-artifact@v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: wheels-sdist path: dist @@ -103,10 +103,10 @@ jobs: # Used to generate artifact attestation attestations: write steps: - - uses: actions/download-artifact@v6.0.0 + - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - name: Generate artifact attestation - uses: actions/attest-build-provenance@v3.0.0 + uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0 with: subject-path: 'wheels-*/*' diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index ee130b48..a463d35b 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -36,7 +36,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@v5.0.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -63,7 +63,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@v5.0.0 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: SARIF file path: results.sarif @@ -71,6 +71,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@v4.31.2 + uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 with: sarif_file: results.sarif