diff --git a/.github/workflows/dotnet.yaml b/.github/workflows/dotnet.yaml index a329c06..f285e81 100644 --- a/.github/workflows/dotnet.yaml +++ b/.github/workflows/dotnet.yaml @@ -25,11 +25,11 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: fetch-depth: 0 # so that NerdBank.GitVersioning has access to history - name: Install Nix - uses: cachix/install-nix-action@v31 + uses: cachix/install-nix-action@8aa03977d8d733052d78f4e008a241fd1dbf36b3 # v31 with: extra_nix_config: | access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} @@ -46,11 +46,11 @@ jobs: security-events: write steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: fetch-depth: 0 # so that NerdBank.GitVersioning has access to history - name: Install Nix - uses: cachix/install-nix-action@v31 + uses: cachix/install-nix-action@8aa03977d8d733052d78f4e008a241fd1dbf36b3 # v31 with: extra_nix_config: | access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} @@ -65,9 +65,9 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Install Nix - uses: cachix/install-nix-action@v31 + uses: cachix/install-nix-action@8aa03977d8d733052d78f4e008a241fd1dbf36b3 # v31 with: extra_nix_config: | access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} @@ -80,9 +80,9 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Install Nix - uses: cachix/install-nix-action@v31 + uses: cachix/install-nix-action@8aa03977d8d733052d78f4e008a241fd1dbf36b3 # v31 with: extra_nix_config: | access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} @@ -93,9 +93,9 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Install Nix - uses: cachix/install-nix-action@v31 + uses: cachix/install-nix-action@8aa03977d8d733052d78f4e008a241fd1dbf36b3 # v31 with: extra_nix_config: | access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} @@ -106,9 +106,9 @@ jobs: name: Check links runs-on: ubuntu-latest steps: - - uses: actions/checkout@master + - uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master - name: Install Nix - uses: cachix/install-nix-action@v31 + uses: cachix/install-nix-action@8aa03977d8d733052d78f4e008a241fd1dbf36b3 # v31 with: extra_nix_config: | access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} @@ -119,9 +119,9 @@ jobs: name: Check flake runs-on: ubuntu-latest steps: - - uses: actions/checkout@master + - uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master - name: Install Nix - uses: cachix/install-nix-action@v31 + uses: cachix/install-nix-action@8aa03977d8d733052d78f4e008a241fd1dbf36b3 # v31 with: extra_nix_config: | access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} @@ -131,11 +131,11 @@ jobs: nuget-pack: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: fetch-depth: 0 # so that NerdBank.GitVersioning has access to history - name: Install Nix - uses: cachix/install-nix-action@v31 + uses: cachix/install-nix-action@8aa03977d8d733052d78f4e008a241fd1dbf36b3 # v31 with: extra_nix_config: | access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} @@ -146,7 +146,7 @@ jobs: - name: Pack run: nix develop --command dotnet pack --configuration Release - name: Upload NuGet artifact - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7 with: name: nuget-package path: PrattParser/bin/Release/WoofWare.PrattParser.*.nupkg @@ -156,7 +156,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Download NuGet artifact - uses: actions/download-artifact@v8 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 with: name: nuget-package - name: Check NuGet contents @@ -167,9 +167,9 @@ jobs: runs-on: ubuntu-latest needs: [nuget-pack] steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Download NuGet artifact - uses: actions/download-artifact@v8 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 with: name: nuget-package - name: Compute package path @@ -209,7 +209,7 @@ jobs: contents: read steps: - name: Download NuGet artifact - uses: actions/download-artifact@v8 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 with: name: nuget-package path: packed @@ -228,14 +228,14 @@ jobs: attestations: write contents: read steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Install Nix - uses: cachix/install-nix-action@v31 + uses: cachix/install-nix-action@8aa03977d8d733052d78f4e008a241fd1dbf36b3 # v31 with: extra_nix_config: | access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} - name: Download NuGet artifact - uses: actions/download-artifact@v8 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 with: name: nuget-package path: packed @@ -263,9 +263,9 @@ jobs: contents: write needs: [all-required-checks-complete] steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Download NuGet artifact - uses: actions/download-artifact@v8 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 with: name: nuget-package - name: Compute package path diff --git a/.github/workflows/flake_update.yaml b/.github/workflows/flake_update.yaml index f3e6d4c..9f886dd 100644 --- a/.github/workflows/flake_update.yaml +++ b/.github/workflows/flake_update.yaml @@ -11,10 +11,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out repository - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Install Nix - uses: DeterminateSystems/nix-installer-action@main + uses: DeterminateSystems/nix-installer-action@00199f951aeb9404028a6e4b95ad42546f73296a # main with: github-token: ${{ secrets.GITHUB_TOKEN }} @@ -32,7 +32,7 @@ jobs: - name: Create token id: generate-token - uses: actions/create-github-app-token@v3 + uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3 with: # https://github.com/actions/create-github-app-token/issues/136 app-id: ${{ secrets.APP_ID }} @@ -47,7 +47,7 @@ jobs: - name: Enable Pull Request Automerge if: ${{ steps.cpr.outputs.pull-request-number }} - uses: peter-evans/enable-pull-request-automerge@v3 + uses: peter-evans/enable-pull-request-automerge@a660677d5469627102a1c1e11409dd063606628d # v3 with: token: ${{ steps.generate-token.outputs.token }} pull-request-number: ${{ steps.cpr.outputs.pull-request-number }}