[Github] Pin Remaining Github Actions to SHAs #166194
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
We had a couple in the llvm/actions repository that were pinned to main. Pin them to the latest SHA in main to keep them consistent with everything else. These also ensures we are compliant with our own CI best practices and also cleans up the remaining CodeQL findings for this specific issue.
Member
|
@llvm/pr-subscribers-github-workflow Author: Aiden Grossman (boomanaiden154) ChangesWe had a couple in the llvm/actions repository that were pinned to main. Pin them to the latest SHA in main to keep them consistent with everything else. These also ensures we are compliant with our own CI best practices and also cleans up the remaining CodeQL findings for this specific issue. Full diff: https://github.com/llvm/llvm-project/pull/166194.diff 6 Files Affected:
diff --git a/.github/workflows/hlsl-test-all.yaml b/.github/workflows/hlsl-test-all.yaml
index cdc951658b4d2..ce6ccfa23df6a 100644
--- a/.github/workflows/hlsl-test-all.yaml
+++ b/.github/workflows/hlsl-test-all.yaml
@@ -54,7 +54,7 @@ jobs:
path: golden-images
- name: Setup Windows
if: runner.os == 'Windows'
- uses: llvm/actions/setup-windows@main
+ uses: llvm/actions/setup-windows@42d80571b13f4599bbefbc7189728b64723c7f78 # main
with:
arch: amd64
- name: Build DXC
diff --git a/.github/workflows/libclang-abi-tests.yml b/.github/workflows/libclang-abi-tests.yml
index 5ccf976848197..432c45744abda 100644
--- a/.github/workflows/libclang-abi-tests.yml
+++ b/.github/workflows/libclang-abi-tests.yml
@@ -100,7 +100,7 @@ jobs:
repo: ${{ github.repository }}
steps:
- name: Install Ninja
- uses: llvm/actions/install-ninja@main
+ uses: llvm/actions/install-ninja@42d80571b13f4599bbefbc7189728b64723c7f78 # main
- name: Install abi-compliance-checker
run: |
sudo apt-get update
diff --git a/.github/workflows/llvm-abi-tests.yml b/.github/workflows/llvm-abi-tests.yml
index f73d180bb0005..961f1cc79389d 100644
--- a/.github/workflows/llvm-abi-tests.yml
+++ b/.github/workflows/llvm-abi-tests.yml
@@ -88,7 +88,7 @@ jobs:
repo: ${{ github.repository }}
steps:
- name: Install Ninja
- uses: llvm/actions/install-ninja@main
+ uses: llvm/actions/install-ninja@42d80571b13f4599bbefbc7189728b64723c7f78 # main
- name: Install abi-compliance-checker
run: |
sudo apt-get update
diff --git a/.github/workflows/new-issues.yml b/.github/workflows/new-issues.yml
index 8480a657cc717..a5dcad28dbe24 100644
--- a/.github/workflows/new-issues.yml
+++ b/.github/workflows/new-issues.yml
@@ -13,7 +13,7 @@ jobs:
runs-on: ubuntu-24.04
if: github.repository == 'llvm/llvm-project'
steps:
- - uses: llvm/actions/issue-labeler@main
+ - uses: llvm/actions/issue-labeler@42d80571b13f4599bbefbc7189728b64723c7f78 # main
with:
repo-token: ${{ secrets.ISSUE_SUBSCRIBER_TOKEN }}
configuration-path: .github/new-issues-labeler.yml
diff --git a/.github/workflows/premerge.yaml b/.github/workflows/premerge.yaml
index 6303a119750b5..973d3abf358ce 100644
--- a/.github/workflows/premerge.yaml
+++ b/.github/workflows/premerge.yaml
@@ -190,7 +190,7 @@ jobs:
with:
max-size: "2000M"
- name: Install Ninja
- uses: llvm/actions/install-ninja@main
+ uses: llvm/actions/install-ninja@42d80571b13f4599bbefbc7189728b64723c7f78 # main
- name: Build and Test
run: |
source <(git diff --name-only HEAD~1...HEAD | python3 .ci/compute_projects.py)
diff --git a/.github/workflows/release-binaries.yml b/.github/workflows/release-binaries.yml
index d1a017ab7b553..acc47231e3569 100644
--- a/.github/workflows/release-binaries.yml
+++ b/.github/workflows/release-binaries.yml
@@ -177,7 +177,7 @@ jobs:
- name: Setup Windows
if: startsWith(runner.os, 'Windows')
- uses: llvm/actions/setup-windows@main
+ uses: llvm/actions/setup-windows@42d80571b13f4599bbefbc7189728b64723c7f78 # main
with:
arch: amd64
|
tstellar
approved these changes
Nov 3, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
We had a couple in the llvm/actions repository that were pinned to main. Pin them to the latest SHA in main to keep them consistent with everything else. These also ensures we are compliant with our own CI best practices and also cleans up the remaining CodeQL findings for this specific issue.