From 5b3c678c2c9df66b49c7efe8ae29b50e4150af22 Mon Sep 17 00:00:00 2001 From: dagecko Date: Mon, 30 Mar 2026 14:38:05 -0400 Subject: [PATCH] fix: harden GitHub Actions workflows --- .github/workflows/e2e_android.yml | 4 ++-- .github/workflows/e2e_ios.yml | 4 ++-- .github/workflows/lint.yml | 2 +- .github/workflows/publish.yml | 4 ++-- .github/workflows/test.yml | 2 +- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/e2e_android.yml b/.github/workflows/e2e_android.yml index 9ee3af01..9ba2a5cc 100644 --- a/.github/workflows/e2e_android.yml +++ b/.github/workflows/e2e_android.yml @@ -33,7 +33,7 @@ jobs: node-version: 20 - name: Setup Bun - uses: oven-sh/setup-bun@v2 + uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2 with: bun-version: latest @@ -57,7 +57,7 @@ jobs: run: node -e "console.log('AVD_NAME=' + require('./Example/testHotUpdate/.detoxrc').devices.emulator.device.avdName)" >> $GITHUB_OUTPUT - name: Detox test (android.emu.release) - uses: reactivecircus/android-emulator-runner@v2 + uses: reactivecircus/android-emulator-runner@e89f39f1abbbd05b1113a29cf4db69e7540cae5a # v2 env: RNU_CLI_ROOT: ${{ github.workspace }}/react-native-update-cli with: diff --git a/.github/workflows/e2e_ios.yml b/.github/workflows/e2e_ios.yml index 694adf18..5ec207c8 100644 --- a/.github/workflows/e2e_ios.yml +++ b/.github/workflows/e2e_ios.yml @@ -32,7 +32,7 @@ jobs: node-version: 20 - name: Setup Bun - uses: oven-sh/setup-bun@v2 + uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2 with: bun-version: latest @@ -43,7 +43,7 @@ jobs: java-version: '17' - name: Setup Xcode - uses: maxim-lobanov/setup-xcode@v1 + uses: maxim-lobanov/setup-xcode@ed7a3b1fda3918c0306d1b724322adc0b8cc0a90 # v1 with: xcode-version: latest-stable diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index c200af5d..558ce6c2 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -21,7 +21,7 @@ jobs: steps: - uses: actions/checkout@v6 - - uses: oven-sh/setup-bun@v2 + - uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2 - name: Install Dependency run: bun install --frozen-lockfile diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index a0ae057c..333cce0e 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -51,7 +51,7 @@ jobs: run: | git config --global --add safe.directory "$GITHUB_WORKSPACE" git submodule foreach --recursive 'git config --global --add safe.directory "$toplevel/$sm_path"' - - uses: oven-sh/setup-bun@v2 + - uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2 # Setup .npmrc file to publish to npm - uses: actions/setup-node@v6 with: @@ -84,7 +84,7 @@ jobs: run: | git config --global --add safe.directory "$GITHUB_WORKSPACE" git submodule foreach --recursive 'git config --global --add safe.directory "$toplevel/$sm_path"' - - uses: oven-sh/setup-bun@v2 + - uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2 # Setup .npmrc file to publish to npm - uses: actions/setup-node@v6 with: diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 1d79d111..444b84f8 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -22,7 +22,7 @@ jobs: steps: - uses: actions/checkout@v6 - - uses: oven-sh/setup-bun@v2 + - uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2 - name: Install Dependencies run: bun install --frozen-lockfile