diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml index 2e94855d3c..5d3fdba7ff 100644 --- a/.github/workflows/pr.yaml +++ b/.github/workflows/pr.yaml @@ -16,11 +16,11 @@ jobs: PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1 runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 - - uses: actions/setup-node@v4 + - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 + - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: '22' - - uses: pnpm/action-setup@v4 + - uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4 with: version: latest - name: Install dependencies @@ -31,21 +31,21 @@ jobs: runs-on: labels: [ubuntu-2204-8] steps: - - uses: actions/checkout@v5 - - uses: actions/setup-node@v4 + - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 + - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: '22' - - uses: pnpm/action-setup@v4 + - uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4 with: version: latest - name: Install dependencies run: pnpm install - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: '3.12' - name: Install uv - uses: astral-sh/setup-uv@v6 + uses: astral-sh/setup-uv@d0cc045d04ccac9d8b7881df0226f9e82c39688e # v6 - name: Install python dependencies run: | python -m venv .venv @@ -62,7 +62,7 @@ jobs: run: | source ../../.venv/bin/activate pnpm run test:e2e - - uses: actions/upload-artifact@v4 + - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 if: ${{ !cancelled() }} with: name: playwright-report @@ -75,13 +75,13 @@ jobs: matrix: dbt-version: ['1.3', '1.4', '1.5', '1.6', '1.7', '1.8', '1.9', '1.10'] steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: '3.10' - name: Install uv - uses: astral-sh/setup-uv@v6 + uses: astral-sh/setup-uv@d0cc045d04ccac9d8b7881df0226f9e82c39688e # v6 - name: Install SQLMesh dev dependencies run: | uv venv .venv diff --git a/.github/workflows/private-repo-test.yaml b/.github/workflows/private-repo-test.yaml index 07253f1a00..2c6c62bafb 100644 --- a/.github/workflows/private-repo-test.yaml +++ b/.github/workflows/private-repo-test.yaml @@ -17,22 +17,22 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v5 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 with: fetch-depth: 0 ref: ${{ github.event.pull_request.head.sha || github.ref }} - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: '3.12' - name: Install uv - uses: astral-sh/setup-uv@v6 + uses: astral-sh/setup-uv@d0cc045d04ccac9d8b7881df0226f9e82c39688e # v6 - name: Set up Node.js for UI build - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: '20' - name: Install pnpm - uses: pnpm/action-setup@v4 + uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4 with: version: latest - name: Install UI dependencies @@ -78,13 +78,13 @@ jobs: unset TWINE_USERNAME TWINE_PASSWORD && make publish-tests - name: Get GitHub App token id: get_token - uses: actions/create-github-app-token@v2 + uses: actions/create-github-app-token@fee1f7d63c2ff003460e3d139729b119787bc349 # v2 with: private-key: ${{ secrets.TOBIKO_RENOVATE_BOT_PRIVATE_KEY }} app-id: ${{ secrets.TOBIKO_RENOVATE_BOT_APP_ID }} owner: ${{ secrets.PRIVATE_REPO_OWNER }} - name: Trigger private repository workflow - uses: convictional/trigger-workflow-and-wait@v1.6.5 + uses: convictional/trigger-workflow-and-wait@f69fa9eedd3c62a599220f4d5745230e237904be # v1.6.5 with: owner: ${{ secrets.PRIVATE_REPO_OWNER }} repo: ${{ secrets.PRIVATE_REPO_NAME }} diff --git a/.github/workflows/release_extension.yaml b/.github/workflows/release_extension.yaml index bb52c32966..57482882a5 100644 --- a/.github/workflows/release_extension.yaml +++ b/.github/workflows/release_extension.yaml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v5 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 - name: Check branch is main run: | if [[ "${{ github.ref }}" != "refs/heads/main" ]]; then @@ -28,11 +28,11 @@ jobs: fi echo "Version format is valid: $version" - name: Setup Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: '20' - name: Install pnpm - uses: pnpm/action-setup@v4 + uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4 with: version: 10 - name: Install dependencies diff --git a/.github/workflows/release_shared_js.yaml b/.github/workflows/release_shared_js.yaml index 96992ae637..2d70dedc0d 100644 --- a/.github/workflows/release_shared_js.yaml +++ b/.github/workflows/release_shared_js.yaml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v5 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 - name: Check branch is main run: | if [[ "${{ github.ref }}" != "refs/heads/main" ]]; then @@ -31,7 +31,7 @@ jobs: fi echo "Version format is valid: $version" - name: Setup Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: '20' registry-url: 'https://registry.npmjs.org' @@ -40,7 +40,7 @@ jobs: - name: Print npm version run: npm --version - name: Install pnpm - uses: pnpm/action-setup@v4 + uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4 with: version: 10 - name: Install dependencies