diff --git a/.github/workflows/_lint.yml b/.github/workflows/_lint.yml index 7c909b54..b8bd22d8 100644 --- a/.github/workflows/_lint.yml +++ b/.github/workflows/_lint.yml @@ -36,7 +36,7 @@ jobs: with: persist-credentials: false - name: Install uv - uses: astral-sh/setup-uv@4959332f0f014c5280e7eac8b70c90cb574c9f9b # v5 + uses: astral-sh/setup-uv@557e51de59eb14aaaba2ed9621916900a91d50c6 # v5 with: enable-cache: true python-version: ${{ matrix.python-version }} diff --git a/.github/workflows/_release.yml b/.github/workflows/_release.yml index cc427b35..d332b181 100644 --- a/.github/workflows/_release.yml +++ b/.github/workflows/_release.yml @@ -40,11 +40,9 @@ jobs: with: persist-credentials: false - name: Install uv - uses: astral-sh/setup-uv@4959332f0f014c5280e7eac8b70c90cb574c9f9b # v5 + uses: astral-sh/setup-uv@557e51de59eb14aaaba2ed9621916900a91d50c6 # v5 with: - enable-cache: true python-version: ${{ env.PYTHON_VERSION }} - cache-dependency-glob: "${{ inputs.working-directory }}/uv.lock" # We want to keep this build stage *separate* from the release stage, # so that there's no sharing of permissions between them. @@ -110,7 +108,7 @@ jobs: # used in the real world. - name: Install uv - uses: astral-sh/setup-uv@4959332f0f014c5280e7eac8b70c90cb574c9f9b # v5 + uses: astral-sh/setup-uv@557e51de59eb14aaaba2ed9621916900a91d50c6 # v5 with: python-version: ${{ env.PYTHON_VERSION }} @@ -211,11 +209,9 @@ jobs: persist-credentials: false - name: Install uv - uses: astral-sh/setup-uv@4959332f0f014c5280e7eac8b70c90cb574c9f9b # v5 + uses: astral-sh/setup-uv@557e51de59eb14aaaba2ed9621916900a91d50c6 # v5 with: - enable-cache: true python-version: ${{ env.PYTHON_VERSION }} - cache-dependency-glob: "${{ inputs.working-directory }}/uv.lock" - uses: actions/download-artifact@v5 with: @@ -223,7 +219,7 @@ jobs: path: ${{ inputs.working-directory }}/dist/ - name: Publish package distributions to PyPI - uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # release/v1 + uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # release/v1 with: packages-dir: ${{ inputs.working-directory }}/dist/ verbose: true @@ -252,7 +248,7 @@ jobs: with: persist-credentials: false - name: Install uv - uses: astral-sh/setup-uv@4959332f0f014c5280e7eac8b70c90cb574c9f9b # v5 + uses: astral-sh/setup-uv@557e51de59eb14aaaba2ed9621916900a91d50c6 # v5 with: enable-cache: true python-version: ${{ env.PYTHON_VERSION }} @@ -264,7 +260,7 @@ jobs: path: ${{ inputs.working-directory }}/dist/ - name: Create Release - uses: ncipollo/release-action@bcfe5470707e8832e12347755757cec0eb3c22af # v1 + uses: ncipollo/release-action@b7eabc95ff50cbeeedec83973935c8f306dfcd0b # v1 id: create-release with: artifacts: "${{ inputs.working-directory }}/dist/*" diff --git a/.github/workflows/_test.yml b/.github/workflows/_test.yml index 08620c96..acd7c2af 100644 --- a/.github/workflows/_test.yml +++ b/.github/workflows/_test.yml @@ -26,7 +26,7 @@ jobs: with: persist-credentials: false - name: Install uv - uses: astral-sh/setup-uv@4959332f0f014c5280e7eac8b70c90cb574c9f9b # v5 + uses: astral-sh/setup-uv@557e51de59eb14aaaba2ed9621916900a91d50c6 # v5 with: enable-cache: true python-version: ${{ matrix.python-version }} diff --git a/.github/workflows/_test_release.yml b/.github/workflows/_test_release.yml index a8bcf837..8230dec7 100644 --- a/.github/workflows/_test_release.yml +++ b/.github/workflows/_test_release.yml @@ -27,7 +27,7 @@ jobs: with: persist-credentials: false - name: Install uv - uses: astral-sh/setup-uv@4959332f0f014c5280e7eac8b70c90cb574c9f9b # v5 + uses: astral-sh/setup-uv@557e51de59eb14aaaba2ed9621916900a91d50c6 # v5 with: enable-cache: true python-version: ${{ env.PYTHON_VERSION }} @@ -83,7 +83,7 @@ jobs: path: ${{ inputs.working-directory }}/dist/ - name: Publish to test PyPI - uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # release/v1 + uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # release/v1 with: packages-dir: ${{ inputs.working-directory }}/dist/ verbose: true diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 02e0dab8..b9f1d6df 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -23,7 +23,7 @@ jobs: - uses: actions/checkout@v5 with: persist-credentials: false - - uses: actions/setup-python@v5 + - uses: actions/setup-python@v6 with: python-version: '3.10' - id: files @@ -44,7 +44,7 @@ jobs: - uses: actions/checkout@v5 with: persist-credentials: false - - uses: actions/setup-python@v5 + - uses: actions/setup-python@v6 - uses: pre-commit/action@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd # v3.0.1 with: extra_args: --all-files --hook-stage=manual @@ -83,7 +83,7 @@ jobs: persist-credentials: false - uses: extractions/setup-just@e33e0265a09d6d736e2ee1e0eb685ef1de4669ff # v3 - name: Install uv - uses: astral-sh/setup-uv@4959332f0f014c5280e7eac8b70c90cb574c9f9b # v5 + uses: astral-sh/setup-uv@557e51de59eb14aaaba2ed9621916900a91d50c6 # v5 with: enable-cache: true python-version: 3.9 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 614233b9..90031e95 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -39,11 +39,11 @@ jobs: with: ref: ${{ inputs.ref }} persist-credentials: false - - uses: actions/setup-python@v5 + - uses: actions/setup-python@v6 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@3c3833e0f8c1c83d449a7478aa59c036a9165498 # v3 + uses: github/codeql-action/init@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} @@ -60,6 +60,6 @@ jobs: pip install -e . - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@3c3833e0f8c1c83d449a7478aa59c036a9165498 # v3 + uses: github/codeql-action/analyze@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3 with: category: "/language:${{matrix.language}}"