diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 3e3e17e8..05cc03c1 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,5 +1,9 @@ version: 2 updates: + - package-ecosystem: github-actions + directory: "/" + schedule: + interval: weekly - package-ecosystem: composer directory: "/" schedule: diff --git a/.github/workflows/api_update_reminder.yml b/.github/workflows/api_update_reminder.yml index b4cfb456..22726380 100644 --- a/.github/workflows/api_update_reminder.yml +++ b/.github/workflows/api_update_reminder.yml @@ -8,8 +8,8 @@ jobs: reminder: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: JasonEtco/create-an-issue@v2.4.0 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0 + - uses: JasonEtco/create-an-issue@e6b4b190af80961b6462c725454e7828d0247a68 # v2.4.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/api_update_reminder_on_release.yml b/.github/workflows/api_update_reminder_on_release.yml index 5e3053f9..f82510a7 100644 --- a/.github/workflows/api_update_reminder_on_release.yml +++ b/.github/workflows/api_update_reminder_on_release.yml @@ -8,8 +8,8 @@ jobs: reminder: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: JasonEtco/create-an-issue@v2.4.0 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0 + - uses: JasonEtco/create-an-issue@e6b4b190af80961b6462c725454e7828d0247a68 # v2.4.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 89577775..92e9f4f4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -12,10 +12,10 @@ jobs: - "8.1" - "8.2" steps: - - uses: actions/checkout@master + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install PHP with extensions - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@cf4cade2721270509d5b1c766ab3549210a39a2a # 2.33.0 with: php-version: ${{ matrix.php-version }} tools: composer:v2, phpcs diff --git a/.github/workflows/close-waiting-for-response-issues.yml b/.github/workflows/close-waiting-for-response-issues.yml index ffd7a382..203a0fcf 100644 --- a/.github/workflows/close-waiting-for-response-issues.yml +++ b/.github/workflows/close-waiting-for-response-issues.yml @@ -8,7 +8,7 @@ jobs: runs-on: ubuntu-latest steps: - name: close-issues - uses: actions-cool/issues-helper@v3 + uses: actions-cool/issues-helper@a610082f8ac0cf03e357eb8dd0d5e2ba075e017e # v3.6.0 with: actions: 'close-issues' token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/markdown_link_checker.yml b/.github/workflows/markdown_link_checker.yml index 4f119a9e..cac04050 100644 --- a/.github/workflows/markdown_link_checker.yml +++ b/.github/workflows/markdown_link_checker.yml @@ -6,8 +6,8 @@ jobs: markdown-link-check: runs-on: ubuntu-latest steps: - - uses: actions/checkout@master - - uses: gaurav-nelson/github-action-markdown-link-check@v1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: gaurav-nelson/github-action-markdown-link-check@499c1e7f3637c131334fa8e937c45144f79d72d2 # v1 with: folder-path: 'docs/' use-verbose-mode: 'yes' diff --git a/.github/workflows/remove-labels-on-activity.yml b/.github/workflows/remove-labels-on-activity.yml index 48872e95..eb451b83 100644 --- a/.github/workflows/remove-labels-on-activity.yml +++ b/.github/workflows/remove-labels-on-activity.yml @@ -7,10 +7,9 @@ jobs: remove-labels-on-activity: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: actions-ecosystem/action-remove-labels@v1 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0 + - uses: actions-ecosystem/action-remove-labels@2ce5d41b4b6aa8503e285553f75ed56e0a40bae0 # v1.2.0 if: contains(github.event.issue.labels.*.name, 'Waiting for Response') with: labels: | Waiting for Response -