diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 34eee92..f71fea7 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -19,10 +19,10 @@ jobs: name: Build and Test (Node ${{ matrix.node }}) steps: - name: Check out the code - uses: actions/checkout@v4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4 - name: Set up Node.js environment - uses: actions/setup-node@v4.0.2 + uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 with: node-version: ${{ matrix.node }} cache: npm diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index afb699e..bf4ca9d 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -25,18 +25,18 @@ jobs: - javascript steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4 - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3 with: languages: ${{ matrix.language }} queries: +security-and-quality - name: Autobuild - uses: github/codeql-action/autobuild@v3 + uses: github/codeql-action/autobuild@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3 with: category: "/language:${{ matrix.language }}" diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml index 08ce8f3..18c6f73 100644 --- a/.github/workflows/npm-publish.yml +++ b/.github/workflows/npm-publish.yml @@ -18,12 +18,12 @@ jobs: if: github.event_name == 'release' || github.event.inputs.npm == 'yes' || github.event.inputs.gpr == 'yes' steps: - name: Checkout source - uses: actions/checkout@v4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4 with: ref: ${{ github.event.release.tag_name }} - name: Set up Node.js environment - uses: actions/setup-node@v4.0.2 + uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 with: node-version: lts/* cache: npm @@ -40,7 +40,7 @@ jobs: run: npm pack - name: Save tarball - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4 with: name: package path: "*.tgz" @@ -63,13 +63,13 @@ jobs: steps: - name: Set up Node.js environment if: github.event.inputs[matrix.registry] == 'yes' || github.event_name == 'release' - uses: actions/setup-node@v4.0.2 + uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 with: registry-url: ${{ matrix.registry_url }} - name: Download tarball if: github.event.inputs[matrix.registry] == 'yes' || github.event_name == 'release' - uses: actions/download-artifact@v4 + uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4 with: name: package diff --git a/.github/workflows/push-tag.yml b/.github/workflows/push-tag.yml index 8b32f9e..127fb7e 100644 --- a/.github/workflows/push-tag.yml +++ b/.github/workflows/push-tag.yml @@ -11,10 +11,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out the code - uses: actions/checkout@v4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4 - name: Set up Node.js environment - uses: actions/setup-node@v4.0.2 + uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 with: node-version: lts/* cache: npm @@ -36,7 +36,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4 - name: Fetch tags run: git fetch --depth=1 origin +refs/tags/*:refs/tags/* @@ -50,7 +50,7 @@ jobs: echo "::set-output name=body::${BODY}" - name: Create a release - uses: actions/create-release@v1.1.4 + uses: actions/create-release@0cb9c9b65d5d1901c1f53e5e66eaf4afd303e70e # v1.1.4 env: GITHUB_TOKEN: ${{ secrets.REPOSITORY_ACCESS_TOKEN }} with: