From 9989cacf075a0a0481ccec0e038be102c4051c53 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20Buscht=C3=B6ns?= Date: Thu, 9 Apr 2026 13:28:24 +0200 Subject: [PATCH] PLT-621 chore(ci/actions): pin GitHub Actions SHAs --- .github/workflows/integrate.yml | 32 ++++++++++++++++---------------- .github/workflows/publish.yml | 18 +++++++++--------- .github/workflows/validate.yml | 26 +++++++++++++------------- 3 files changed, 38 insertions(+), 38 deletions(-) diff --git a/.github/workflows/integrate.yml b/.github/workflows/integrate.yml index 63a0c0fe083..d51b82f970e 100644 --- a/.github/workflows/integrate.yml +++ b/.github/workflows/integrate.yml @@ -17,10 +17,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Install Node.js and npm - uses: actions/setup-node@v3 + uses: actions/setup-node@3235b876344d2a9aa001b8d1453c930bba69e610 # v3 with: node-version: 16.x registry-url: https://registry.npmjs.org @@ -37,7 +37,7 @@ jobs: - name: Retrieve dependencies from cache id: cacheNpm - uses: actions/cache@v3 + uses: actions/cache@6f8efc29b200d32929f49075959781ed54ec270c # v3 with: path: | ~/.npm @@ -64,11 +64,11 @@ jobs: runs-on: windows-latest steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Retrieve dependencies from cache id: cacheNpm - uses: actions/cache@v3 + uses: actions/cache@6f8efc29b200d32929f49075959781ed54ec270c # v3 with: path: | ~/.npm @@ -77,7 +77,7 @@ jobs: restore-keys: npm-v16-${{ runner.os }}-${{ github.ref }}- - name: Install Node.js and npm - uses: actions/setup-node@v3 + uses: actions/setup-node@3235b876344d2a9aa001b8d1453c930bba69e610 # v3 with: node-version: 16.x @@ -94,11 +94,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Retrieve dependencies from cache id: cacheNpm - uses: actions/cache@v3 + uses: actions/cache@6f8efc29b200d32929f49075959781ed54ec270c # v3 with: path: | ~/.npm @@ -107,7 +107,7 @@ jobs: restore-keys: npm-v14-${{ runner.os }}-${{ github.ref }}- - name: Install Node.js and npm - uses: actions/setup-node@v3 + uses: actions/setup-node@3235b876344d2a9aa001b8d1453c930bba69e610 # v3 with: node-version: 14.x @@ -126,10 +126,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Install Node.js and npm - uses: actions/setup-node@v3 + uses: actions/setup-node@3235b876344d2a9aa001b8d1453c930bba69e610 # v3 with: node-version: 12.x @@ -141,10 +141,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Install Node.js and npm - uses: actions/setup-node@v3 + uses: actions/setup-node@3235b876344d2a9aa001b8d1453c930bba69e610 # v3 with: node-version: 4.x @@ -163,7 +163,7 @@ jobs: SERVERLESS_BINARY_PATH: ./dist/serverless-linux steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: # Ensure to have complete history of commits pushed with given push operation # It's loose and imperfect assumption that no more than 30 commits will be pushed at once @@ -173,7 +173,7 @@ jobs: token: ${{ secrets.USER_GITHUB_TOKEN }} - name: Retrieve dependencies from cache - uses: actions/cache@v3 + uses: actions/cache@6f8efc29b200d32929f49075959781ed54ec270c # v3 with: path: | ~/.npm @@ -186,7 +186,7 @@ jobs: python-version: '3.11' - name: Install Node.js and npm - uses: actions/setup-node@v3 + uses: actions/setup-node@3235b876344d2a9aa001b8d1453c930bba69e610 # v3 with: node-version: 16.x diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index d97ada64ab4..15dc3f014c2 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -13,10 +13,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Retrieve dependencies from cache - uses: actions/cache@v3 + uses: actions/cache@6f8efc29b200d32929f49075959781ed54ec270c # v3 id: cacheNpm with: path: | @@ -25,7 +25,7 @@ jobs: key: npm-v16-${{ runner.os }}-${{ github.ref }}-${{ hashFiles('package.json') }} - name: Install Node.js and npm - uses: actions/setup-node@v3 + uses: actions/setup-node@3235b876344d2a9aa001b8d1453c930bba69e610 # v3 with: node-version: 16.x registry-url: https://registry.npmjs.org @@ -61,10 +61,10 @@ jobs: GITHUB_TOKEN: ${{ secrets.USER_GITHUB_TOKEN }} steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Retrieve dependencies from cache - uses: actions/cache@v3 + uses: actions/cache@6f8efc29b200d32929f49075959781ed54ec270c # v3 id: cacheNpm with: path: | @@ -73,7 +73,7 @@ jobs: key: npm-v16-${{ runner.os }}-refs/heads/main-${{ hashFiles('package.json') }} - name: Install Node.js and npm - uses: actions/setup-node@v3 + uses: actions/setup-node@3235b876344d2a9aa001b8d1453c930bba69e610 # v3 with: node-version: 16.x registry-url: https://registry.npmjs.org @@ -117,10 +117,10 @@ jobs: CHOCO_API_KEY: ${{ secrets.CHOCO_API_KEY }} steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Retrieve dependencies from cache - uses: actions/cache@v3 + uses: actions/cache@6f8efc29b200d32929f49075959781ed54ec270c # v3 with: path: | ~/.npm @@ -128,7 +128,7 @@ jobs: key: npm-v16-${{ runner.os }}-refs/heads/main-${{ hashFiles('package.json') }} - name: Install Node.js and npm - uses: actions/setup-node@v3 + uses: actions/setup-node@3235b876344d2a9aa001b8d1453c930bba69e610 # v3 with: node-version: 16.x registry-url: https://registry.npmjs.org diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 30e95dfb86a..8ffc95a66bd 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: # For commitlint purpose ensure to have complete list of PR commits # It's loose and imperfect assumption that PR has no more than 30 commits @@ -32,7 +32,7 @@ jobs: - name: Retrieve dependencies from cache id: cacheNpm - uses: actions/cache@v3 + uses: actions/cache@6f8efc29b200d32929f49075959781ed54ec270c # v3 with: path: | ~/.npm @@ -43,7 +43,7 @@ jobs: npm-v16-${{ runner.os }}-refs/heads/main- - name: Install Node.js and npm - uses: actions/setup-node@v3 + uses: actions/setup-node@3235b876344d2a9aa001b8d1453c930bba69e610 # v3 with: node-version: 16.x @@ -80,11 +80,11 @@ jobs: runs-on: windows-latest steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Retrieve dependencies from cache id: cacheNpm - uses: actions/cache@v3 + uses: actions/cache@6f8efc29b200d32929f49075959781ed54ec270c # v3 with: path: | ~/.npm @@ -95,7 +95,7 @@ jobs: npm-v16-${{ runner.os }}-refs/heads/main- - name: Install Node.js and npm - uses: actions/setup-node@v3 + uses: actions/setup-node@3235b876344d2a9aa001b8d1453c930bba69e610 # v3 with: node-version: 16.x @@ -112,11 +112,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Retrieve dependencies from cache id: cacheNpm - uses: actions/cache@v3 + uses: actions/cache@6f8efc29b200d32929f49075959781ed54ec270c # v3 with: path: | ~/.npm @@ -127,7 +127,7 @@ jobs: npm-v14-${{ runner.os }}-refs/heads/main- - name: Install Node.js and npm - uses: actions/setup-node@v3 + uses: actions/setup-node@3235b876344d2a9aa001b8d1453c930bba69e610 # v3 with: node-version: 14.x @@ -146,10 +146,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Install Node.js and npm - uses: actions/setup-node@v3 + uses: actions/setup-node@3235b876344d2a9aa001b8d1453c930bba69e610 # v3 with: node-version: 12.x @@ -161,10 +161,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Install Node.js and npm - uses: actions/setup-node@v3 + uses: actions/setup-node@3235b876344d2a9aa001b8d1453c930bba69e610 # v3 with: node-version: 4.x