diff --git a/.github/actions/test_gem/action.yml b/.github/actions/test_gem/action.yml index 6154aefb7..3fb446f9b 100644 --- a/.github/actions/test_gem/action.yml +++ b/.github/actions/test_gem/action.yml @@ -58,7 +58,7 @@ runs: # ...but not for appraisals, sadly. - name: Install Ruby ${{ inputs.ruby }} with dependencies if: "${{ steps.setup.outputs.appraisals == 'false' }}" - uses: ruby/setup-ruby@v1.267.0 + uses: ruby/setup-ruby@d5126b9b3579e429dd52e51e68624dda2e05be25 # v1.267.0 with: ruby-version: "${{ inputs.ruby }}" working-directory: "${{ steps.setup.outputs.gem_dir }}" @@ -69,7 +69,7 @@ runs: # If we're using appraisals, do it all manually. - name: Install Ruby ${{ inputs.ruby }} without dependencies if: "${{ steps.setup.outputs.appraisals == 'true' }}" - uses: ruby/setup-ruby@v1.267.0 + uses: ruby/setup-ruby@d5126b9b3579e429dd52e51e68624dda2e05be25 # v1.267.0 with: ruby-version: "${{ inputs.ruby }}" bundler: "latest" diff --git a/.github/workflows/ci-markdown-link.yml b/.github/workflows/ci-markdown-link.yml index cdd9482e6..04c4427f1 100644 --- a/.github/workflows/ci-markdown-link.yml +++ b/.github/workflows/ci-markdown-link.yml @@ -14,11 +14,11 @@ jobs: pull-requests: write # required for posting review comments runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # equivalent cli: linkspector check - name: Run linkspector - uses: umbrelladocs/action-linkspector@v1 + uses: umbrelladocs/action-linkspector@652f85bc57bb1e7d4327260decc10aa68f7694c3 # v1 with: github_token: ${{ secrets.GITHUB_TOKEN }} reporter: github-pr-review diff --git a/.github/workflows/ci-markdownlint.yml b/.github/workflows/ci-markdownlint.yml index 701a0d31f..53a775acc 100644 --- a/.github/workflows/ci-markdownlint.yml +++ b/.github/workflows/ci-markdownlint.yml @@ -10,11 +10,11 @@ jobs: markdownlint-check: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # equivalent cli: markdownlint-cli2 "**/*.md" "#**/CHANGELOG.md" "#.github/**" --config .markdownlint.json - name: "Markdown Lint Check" - uses: DavidAnson/markdownlint-cli2-action@v22 + uses: DavidAnson/markdownlint-cli2-action@07035fd053f7be764496c0f8d8f9f41f98305101 # v22 with: config: .markdownlint.json fix: false diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index d45cfead1..306725b35 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -40,7 +40,7 @@ jobs: name: ${{ matrix.gem }} / ${{ matrix.os }} runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: "Test Ruby 3.4" uses: ./.github/actions/test_gem with: @@ -107,7 +107,7 @@ jobs: name: ${{ matrix.gem }} / ${{ matrix.os }} runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: "Test Ruby 3.4" if: "${{ matrix.gem != 'opentelemetry-exporter-jaeger' }}" uses: ./.github/actions/test_gem @@ -177,7 +177,7 @@ jobs: name: ${{ matrix.gem }} / ${{ matrix.os }} runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: "Test Ruby 3.4" uses: ./.github/actions/test_gem with: @@ -218,5 +218,5 @@ jobs: codespell: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - run: make codespell diff --git a/.github/workflows/conventional-commits.yml b/.github/workflows/conventional-commits.yml index 105e8d79d..acf3812aa 100644 --- a/.github/workflows/conventional-commits.yml +++ b/.github/workflows/conventional-commits.yml @@ -21,7 +21,7 @@ jobs: name: Conventional Commits Validation runs-on: ubuntu-latest steps: - - uses: dev-build-deploy/commit-me@v1.5.0 + - uses: dev-build-deploy/commit-me@3e4b05860d83d9120140d8dd220b0d389ddc79a9 # v1.5.0 env: FORCE_COLOR: 3 with: diff --git a/.github/workflows/fossa.yml b/.github/workflows/fossa.yml index 9e1778b01..6f687e203 100644 --- a/.github/workflows/fossa.yml +++ b/.github/workflows/fossa.yml @@ -16,7 +16,7 @@ jobs: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - name: Install Ruby 3.4 - uses: ruby/setup-ruby@v1.267.0 + uses: ruby/setup-ruby@d5126b9b3579e429dd52e51e68624dda2e05be25 # v1.267.0 with: ruby-version: 3.4 - name: Generate Gemfile.lock diff --git a/.github/workflows/release-hook-on-closed.yml b/.github/workflows/release-hook-on-closed.yml index ced4ce767..bece1fcc3 100644 --- a/.github/workflows/release-hook-on-closed.yml +++ b/.github/workflows/release-hook-on-closed.yml @@ -19,11 +19,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Install Ruby ${{ env.ruby_version }} - uses: ruby/setup-ruby@v1.267.0 + uses: ruby/setup-ruby@d5126b9b3579e429dd52e51e68624dda2e05be25 # v1.267.0 with: ruby-version: ${{ env.ruby_version }} - name: Checkout repo - uses: actions/checkout@v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: Install Toys run: "gem install --no-document toys -v 0.15.5" - name: Process release request diff --git a/.github/workflows/release-hook-on-push.yml b/.github/workflows/release-hook-on-push.yml index 7e79a5cd0..1b53a5b01 100644 --- a/.github/workflows/release-hook-on-push.yml +++ b/.github/workflows/release-hook-on-push.yml @@ -19,11 +19,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Install Ruby ${{ env.ruby_version }} - uses: ruby/setup-ruby@v1.267.0 + uses: ruby/setup-ruby@d5126b9b3579e429dd52e51e68624dda2e05be25 # v1.267.0 with: ruby-version: ${{ env.ruby_version }} - name: Checkout repo - uses: actions/checkout@v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: Install Toys run: "gem install --no-document toys -v 0.15.5" - name: Update open releases diff --git a/.github/workflows/release-perform.yml b/.github/workflows/release-perform.yml index 272f2f049..35558f8cb 100644 --- a/.github/workflows/release-perform.yml +++ b/.github/workflows/release-perform.yml @@ -27,11 +27,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Install Ruby ${{ env.ruby_version }} - uses: ruby/setup-ruby@v1.267.0 + uses: ruby/setup-ruby@d5126b9b3579e429dd52e51e68624dda2e05be25 # v1.267.0 with: ruby-version: ${{ env.ruby_version }} - name: Checkout repo - uses: actions/checkout@v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: Install Toys run: "gem install --no-document toys -v 0.15.5" - name: Perform release diff --git a/.github/workflows/release-request-weekly.yml b/.github/workflows/release-request-weekly.yml index df8f90d6b..efd736707 100644 --- a/.github/workflows/release-request-weekly.yml +++ b/.github/workflows/release-request-weekly.yml @@ -18,11 +18,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Install Ruby ${{ env.ruby_version }} - uses: ruby/setup-ruby@v1.267.0 + uses: ruby/setup-ruby@d5126b9b3579e429dd52e51e68624dda2e05be25 # v1.267.0 with: ruby-version: ${{ env.ruby_version }} - name: Checkout repo - uses: actions/checkout@v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: Install Toys run: "gem install --no-document toys -v 0.15.5" - name: Create otelbot app token diff --git a/.github/workflows/release-request.yml b/.github/workflows/release-request.yml index c1db7c957..5fc586539 100644 --- a/.github/workflows/release-request.yml +++ b/.github/workflows/release-request.yml @@ -22,11 +22,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Install Ruby ${{ env.ruby_version }} - uses: ruby/setup-ruby@v1.267.0 + uses: ruby/setup-ruby@d5126b9b3579e429dd52e51e68624dda2e05be25 # v1.267.0 with: ruby-version: ${{ env.ruby_version }} - name: Checkout repo - uses: actions/checkout@v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: Install Toys run: "gem install --no-document toys -v 0.15.5" - name: Create otelbot app token diff --git a/.github/workflows/release-retry.yml b/.github/workflows/release-retry.yml index 44f281a7b..a82d1e4e7 100644 --- a/.github/workflows/release-retry.yml +++ b/.github/workflows/release-retry.yml @@ -26,11 +26,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Install Ruby ${{ env.ruby_version }} - uses: ruby/setup-ruby@v1.267.0 + uses: ruby/setup-ruby@d5126b9b3579e429dd52e51e68624dda2e05be25 # v1.267.0 with: ruby-version: ${{ env.ruby_version }} - name: Checkout repo - uses: actions/checkout@v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: Install Toys run: "gem install --no-document toys -v 0.15.5" - name: Retry release diff --git a/.github/workflows/stale.yaml b/.github/workflows/stale.yaml index 84a3bed8e..2aee05d7a 100644 --- a/.github/workflows/stale.yaml +++ b/.github/workflows/stale.yaml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/stale@v10 + - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # v10 name: Clean up stale issues and PRs with: repo-token: ${{ secrets.GITHUB_TOKEN }}