From 588473f3bd8c39a06d604c6e3019396d929d6446 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 9 Jun 2026 05:15:19 +0000 Subject: [PATCH] Pin dependencies --- .github/workflows/build.yml | 10 +++++----- .github/workflows/release.yml | 14 +++++++------- Dockerfile | 2 +- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2710d31..f31cac1 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -17,28 +17,28 @@ jobs: steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up our JDK environment - uses: actions/setup-java@v5.2.0 + uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0 with: distribution: 'zulu' java-version-file: '.sdkmanrc' - name: Build with Gradle - uses: gradle/gradle-build-action@v3.5.0 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 with: arguments: build installDist - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3.7.1 + uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 - name: Docker metadata id: meta - uses: docker/metadata-action@v5.5.1 + uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 with: images: ryanmoelter/splity tags: | type=edge,branch=main - name: Build Docker image - uses: docker/build-push-action@v6.9.0 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: context: . platforms: 'linux/amd64,linux/arm64' diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f40ef3e..ba4868d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -13,17 +13,17 @@ jobs: steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up our JDK environment - uses: actions/setup-java@v5.2.0 + uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0 with: distribution: 'zulu' java-version-file: '.sdkmanrc' - name: Build with Gradle - uses: gradle/gradle-build-action@v3.5.0 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 with: arguments: assemble installDist - name: Automatic release - uses: marvinpinto/action-automatic-releases@v1.2.1 + uses: marvinpinto/action-automatic-releases@919008cf3f741b179569b7a6fb4d8860689ab7f0 # v1.2.1 with: repo_token: "${{ secrets.GITHUB_TOKEN }}" draft: true @@ -33,17 +33,17 @@ jobs: build/distributions/*.zip - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3.7.1 + uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 - name: Log in to Docker Hub - uses: docker/login-action@v3.3.0 + uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Docker metadata id: meta - uses: docker/metadata-action@v5.5.1 + uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 with: images: ryanmoelter/splity tags: | @@ -52,7 +52,7 @@ jobs: type=raw,value=latest - name: Build and push Docker image - uses: docker/build-push-action@v6.9.0 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: context: . platforms: linux/amd64,linux/arm64 diff --git a/Dockerfile b/Dockerfile index 230dbe8..0e5d56d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -9,7 +9,7 @@ # # Zulu JRE 17 (headless) matches the JDK the project builds with (jvmToolchain(17), # .sdkmanrc, CI). -FROM azul/zulu-openjdk:25-jre-headless +FROM azul/zulu-openjdk:25-jre-headless@sha256:7cc16d368c36e2b28a3e4959188ad3781a8d1bdc18d6eccd43cfb5a7d6f78b61 COPY build/install/splity /opt/splity