From 1ac5f8bf8ccb19a41cc99dcab4d37d02c0fbf277 Mon Sep 17 00:00:00 2001 From: Michael Recachinas Date: Fri, 15 Nov 2024 15:55:42 -0500 Subject: [PATCH 1/8] Pin (and upgrade) immutable-eligible action actions/setup-python to their semantic versions --- .github/workflows/super-linter.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/super-linter.yaml b/.github/workflows/super-linter.yaml index 66746a3..024ec0b 100644 --- a/.github/workflows/super-linter.yaml +++ b/.github/workflows/super-linter.yaml @@ -23,7 +23,7 @@ jobs: with: fetch-depth: 0 - name: Setup Python - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 + uses: actions/setup-python@5.3.0 with: python-version: "3.12" - name: Install dependencies From 39cd4b91e282877bcd27f19809a66409ff48935a Mon Sep 17 00:00:00 2001 From: Michael Recachinas Date: Fri, 15 Nov 2024 15:55:44 -0500 Subject: [PATCH 2/8] Pin (and upgrade) immutable-eligible action actions/upload-artifact to their semantic versions --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 0838057..ed5e29e 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -36,7 +36,7 @@ jobs: results_format: sarif publish_results: true - name: "Upload artifact" - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@4.4.3 with: name: SARIF file path: results.sarif From 5d9d13515d0b7e12a0f857abd2e87c8c7cb243f1 Mon Sep 17 00:00:00 2001 From: Michael Recachinas Date: Fri, 15 Nov 2024 15:55:46 -0500 Subject: [PATCH 3/8] Pin (and upgrade) immutable-eligible action actions/checkout to their semantic versions --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e681c61..3df5fba 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -60,7 +60,7 @@ jobs: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@4.2.2 - name: Push Docker Image if: ${{ success() }} uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 From e7a4ca681c2578f95d92aad88fc86b82859b558c Mon Sep 17 00:00:00 2001 From: Michael Recachinas Date: Fri, 15 Nov 2024 15:55:47 -0500 Subject: [PATCH 4/8] Pin (and upgrade) immutable-eligible action actions/stale to their semantic versions --- .github/workflows/stale.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/stale.yaml b/.github/workflows/stale.yaml index b4d4075..95cbbc4 100644 --- a/.github/workflows/stale.yaml +++ b/.github/workflows/stale.yaml @@ -13,7 +13,7 @@ jobs: issues: write pull-requests: read steps: - - uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e + - uses: actions/stale@9.0.0 with: stale-issue-message: "This issue is stale because it has been open 21 days with no activity. Remove stale label or comment or this will be closed in 14 days." close-issue-message: "This issue was closed because it has been stalled for 35 days with no activity." From ebe62ac0878299f6c1ee1a97392e7b9eaf5df4af Mon Sep 17 00:00:00 2001 From: Michael Recachinas Date: Fri, 15 Nov 2024 15:55:48 -0500 Subject: [PATCH 5/8] Pin (and upgrade) immutable-eligible action actions/setup-python to their semantic versions --- .github/workflows/python-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/python-ci.yml b/.github/workflows/python-ci.yml index a3aed2a..a4111fb 100644 --- a/.github/workflows/python-ci.yml +++ b/.github/workflows/python-ci.yml @@ -22,7 +22,7 @@ jobs: steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 + uses: actions/setup-python@5.3.0 with: python-version: ${{ matrix.python-version }} - name: Install dependencies From 5fdb9d6ca8c1ea5ea1f6933043e93838b417ae2b Mon Sep 17 00:00:00 2001 From: Michael Recachinas Date: Fri, 15 Nov 2024 15:55:50 -0500 Subject: [PATCH 6/8] Pin (and upgrade) immutable-eligible action actions/checkout to their semantic versions --- .github/workflows/docker-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker-ci.yml b/.github/workflows/docker-ci.yml index 90fe96b..616796c 100644 --- a/.github/workflows/docker-ci.yml +++ b/.github/workflows/docker-ci.yml @@ -14,6 +14,6 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@4.2.2 - name: Build the Docker image run: docker build . --file Dockerfile --platform linux/amd64 From 1484d954947c6e0770fab9b80a8438ec3b356d02 Mon Sep 17 00:00:00 2001 From: Michael Recachinas Date: Fri, 15 Nov 2024 15:55:51 -0500 Subject: [PATCH 7/8] Pin (and upgrade) immutable-eligible action actions/checkout to their semantic versions --- .github/workflows/major-version-updater.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/major-version-updater.yml b/.github/workflows/major-version-updater.yml index 066d389..c2b1727 100644 --- a/.github/workflows/major-version-updater.yml +++ b/.github/workflows/major-version-updater.yml @@ -15,7 +15,7 @@ jobs: contents: write steps: - name: Checkout Repo - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@4.2.2 - name: version id: version From 34f8efcad78f7172943598e5663f04a967ddc223 Mon Sep 17 00:00:00 2001 From: "JM (Jason Meridth)" Date: Fri, 15 Nov 2024 15:25:03 -0600 Subject: [PATCH 8/8] fix: prefix versions with letter v --- .github/workflows/docker-ci.yml | 2 +- .github/workflows/major-version-updater.yml | 2 +- .github/workflows/python-ci.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/scorecard.yml | 2 +- .github/workflows/stale.yaml | 2 +- .github/workflows/super-linter.yaml | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/docker-ci.yml b/.github/workflows/docker-ci.yml index 616796c..14cc976 100644 --- a/.github/workflows/docker-ci.yml +++ b/.github/workflows/docker-ci.yml @@ -14,6 +14,6 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@4.2.2 + - uses: actions/checkout@v4.2.2 - name: Build the Docker image run: docker build . --file Dockerfile --platform linux/amd64 diff --git a/.github/workflows/major-version-updater.yml b/.github/workflows/major-version-updater.yml index c2b1727..a0a9e71 100644 --- a/.github/workflows/major-version-updater.yml +++ b/.github/workflows/major-version-updater.yml @@ -15,7 +15,7 @@ jobs: contents: write steps: - name: Checkout Repo - uses: actions/checkout@4.2.2 + uses: actions/checkout@v4.2.2 - name: version id: version diff --git a/.github/workflows/python-ci.yml b/.github/workflows/python-ci.yml index a4111fb..c5ef65d 100644 --- a/.github/workflows/python-ci.yml +++ b/.github/workflows/python-ci.yml @@ -22,7 +22,7 @@ jobs: steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@5.3.0 + uses: actions/setup-python@v5.3.0 with: python-version: ${{ matrix.python-version }} - name: Install dependencies diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3df5fba..69597d0 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -60,7 +60,7 @@ jobs: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - uses: actions/checkout@4.2.2 + - uses: actions/checkout@v4.2.2 - name: Push Docker Image if: ${{ success() }} uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index ed5e29e..1b0b547 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -36,7 +36,7 @@ jobs: results_format: sarif publish_results: true - name: "Upload artifact" - uses: actions/upload-artifact@4.4.3 + uses: actions/upload-artifact@v4.4.3 with: name: SARIF file path: results.sarif diff --git a/.github/workflows/stale.yaml b/.github/workflows/stale.yaml index 95cbbc4..e40f273 100644 --- a/.github/workflows/stale.yaml +++ b/.github/workflows/stale.yaml @@ -13,7 +13,7 @@ jobs: issues: write pull-requests: read steps: - - uses: actions/stale@9.0.0 + - uses: actions/stale@v9.0.0 with: stale-issue-message: "This issue is stale because it has been open 21 days with no activity. Remove stale label or comment or this will be closed in 14 days." close-issue-message: "This issue was closed because it has been stalled for 35 days with no activity." diff --git a/.github/workflows/super-linter.yaml b/.github/workflows/super-linter.yaml index 024ec0b..9669d61 100644 --- a/.github/workflows/super-linter.yaml +++ b/.github/workflows/super-linter.yaml @@ -23,7 +23,7 @@ jobs: with: fetch-depth: 0 - name: Setup Python - uses: actions/setup-python@5.3.0 + uses: actions/setup-python@v5.3.0 with: python-version: "3.12" - name: Install dependencies