diff --git a/.github/workflows/docs-lint.yml b/.github/workflows/docs-lint.yml index ad64d9b6..b363f102 100644 --- a/.github/workflows/docs-lint.yml +++ b/.github/workflows/docs-lint.yml @@ -19,10 +19,10 @@ jobs: - TOXENV: lint steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Python - uses: actions/setup-python@v6 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: "3.13" # Pending https://github.com/isidentical/teyit/issues/23 cache: pip diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml index 6de43e03..2b426d59 100644 --- a/.github/workflows/release-drafter.yml +++ b/.github/workflows/release-drafter.yml @@ -16,16 +16,24 @@ on: jobs: update_release_draft: - if: github.event.repository.fork == false + if: | + github.event.repository.fork == false + && github.event_name != 'pull_request' permissions: # write permission is required to create a GitHub Release contents: write + runs-on: ubuntu-slim + steps: + # Drafts your next release notes as pull requests are merged into "main" + - uses: release-drafter/release-drafter@5de93583980a40bd78603b6dfdcda5b4df377b32 # v7.2.0 + + autolabeler: + if: | + github.event.repository.fork == false + && github.event_name == 'pull_request' + permissions: # write permission is required for autolabeler - # otherwise, read permission is required at least pull-requests: write - runs-on: ubuntu-latest + runs-on: ubuntu-slim steps: - # Drafts your next release notes as pull requests are merged into "main" - - uses: release-drafter/release-drafter@v6 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - uses: release-drafter/release-drafter/autolabeler@5de93583980a40bd78603b6dfdcda5b4df377b32 # v7.2.0 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2aa93c8a..7f6250e8 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -15,12 +15,12 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@v6 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: "3.x" cache: pip @@ -38,7 +38,7 @@ jobs: - name: Upload packages to Jazzband if: github.event.action == 'published' - uses: pypa/gh-action-pypi-publish@release/v1 + uses: pypa/gh-action-pypi-publish@cef221092ed1bacb1cc03d23a2d87d1d172e277b # v1.14.0 with: user: jazzband password: ${{ secrets.JAZZBAND_RELEASE_KEY }} diff --git a/.github/workflows/require-pr-label.yml b/.github/workflows/require-pr-label.yml index 5f7a2803..bd53a2a8 100644 --- a/.github/workflows/require-pr-label.yml +++ b/.github/workflows/require-pr-label.yml @@ -13,7 +13,7 @@ jobs: pull-requests: write steps: - - uses: mheap/github-action-required-labels@v5 + - uses: mheap/github-action-required-labels@0ac283b4e65c1fb28ce6079dea5546ceca98ccbe # v5.5.2 with: mode: minimum count: 1 diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 271e8d34..52e56160 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -19,10 +19,10 @@ jobs: os: [ubuntu-latest, macOS-latest, windows-latest] steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v6 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: ${{ matrix.python-version }} allow-prereleases: true @@ -41,6 +41,6 @@ jobs: tox -e py - name: Upload coverage - uses: codecov/codecov-action@v5 + uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0 with: name: ${{ matrix.os }} Python ${{ matrix.python-version }}