diff --git a/.github/workflows/check_pr_release_notes.yml b/.github/workflows/check_pr_release_notes.yml index 4d34449..9fb102b 100644 --- a/.github/workflows/check_pr_release_notes.yml +++ b/.github/workflows/check_pr_release_notes.yml @@ -26,12 +26,12 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/setup-python@v6 + - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6 with: python-version: '3.14' - name: Check presence of release notes in PR description - uses: AbsaOSS/release-notes-presence-check@v0 + uses: AbsaOSS/release-notes-presence-check@8e586b26a5e27f899ee8590a5d988fd4780a3dbf # v0.4.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/dependabot.yml b/.github/workflows/dependabot.yml index 4c8d02c..6a94733 100644 --- a/.github/workflows/dependabot.yml +++ b/.github/workflows/dependabot.yml @@ -29,7 +29,7 @@ jobs: steps: - name: Dependabot metadata id: metadata - uses: dependabot/fetch-metadata@v3 + uses: dependabot/fetch-metadata@25dd0e34f4fe68f24cc83900b1fe3fe149efef98 # v3 with: github-token: "${{ secrets.GITHUB_TOKEN }}" - name: Approve a PR diff --git a/.github/workflows/release_draft.yml b/.github/workflows/release_draft.yml index 6e09121..67e365b 100644 --- a/.github/workflows/release_draft.yml +++ b/.github/workflows/release_draft.yml @@ -29,18 +29,18 @@ jobs: release-draft: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: fetch-depth: 0 persist-credentials: false - - uses: actions/setup-python@v6 + - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6 with: python-version: '3.14' - name: Check Format of Received Tag id: check-version-tag - uses: AbsaOSS/version-tag-check@v1 + uses: AbsaOSS/version-tag-check@4145e48bf3f77a5afff2ec9afdd8afb6b53bce34 # v1.0.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: @@ -50,7 +50,7 @@ jobs: - name: Check Format of Received From Tag if: ${{ github.event.inputs.from-tag-name }} id: check-version-from-tag - uses: AbsaOSS/version-tag-check@v1 + uses: AbsaOSS/version-tag-check@4145e48bf3f77a5afff2ec9afdd8afb6b53bce34 # v1.0.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: @@ -60,7 +60,7 @@ jobs: - name: Generate Release Notes id: generate_release_notes - uses: AbsaOSS/generate-release-notes@v1 + uses: AbsaOSS/generate-release-notes@da535383f54a6532adb84e88d3b6e5c7236132df # v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: @@ -82,7 +82,7 @@ jobs: print-empty-chapters: false - name: Create and Push Tag - uses: actions/github-script@v9 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9 env: TAG_NAME: ${{ github.event.inputs.tag-name }} with: @@ -102,7 +102,7 @@ jobs: github-token: ${{ secrets.GITHUB_TOKEN }} - name: Create Draft Release - uses: softprops/action-gh-release@v3 + uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/update_v1_tag.yml b/.github/workflows/update_v1_tag.yml index b005627..a7c488a 100644 --- a/.github/workflows/update_v1_tag.yml +++ b/.github/workflows/update_v1_tag.yml @@ -27,7 +27,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repo - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: fetch-depth: 0