From 05c78a86bde760b1e62abee17d99faa45a9737ba Mon Sep 17 00:00:00 2001 From: Maxime David Date: Tue, 31 Mar 2026 15:18:12 +0000 Subject: [PATCH] fix: pin GitHub Actions --- .github/workflows/repo-sync.yml | 4 ++-- .../runtime-interface-client_merge_to_main.yml | 12 ++++++------ .github/workflows/runtime-interface-client_pr.yml | 4 ++-- .github/workflows/samples.yml | 2 +- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/repo-sync.yml b/.github/workflows/repo-sync.yml index 6a918fde..4934754d 100644 --- a/.github/workflows/repo-sync.yml +++ b/.github/workflows/repo-sync.yml @@ -22,7 +22,7 @@ jobs: steps: - uses: actions/checkout@v6 if: ${{ env.IS_CONFIGURED == 'true' }} - - uses: repo-sync/github-sync@v2 + - uses: repo-sync/github-sync@3832fe8e2be32372e1b3970bbae8e7079edeec88 # v2.3.0 name: Sync repo to branch if: ${{ env.IS_CONFIGURED == 'true' }} with: @@ -30,7 +30,7 @@ jobs: source_branch: main destination_branch: ${{ secrets.INTERMEDIATE_BRANCH }} github_token: ${{ secrets.GITHUB_TOKEN }} - - uses: repo-sync/pull-request@v2 + - uses: repo-sync/pull-request@7e79a9f5dc3ad0ce53138f01df2fad14a04831c5 # v2.12.1 name: Create pull request if: ${{ env.IS_CONFIGURED == 'true' }} with: diff --git a/.github/workflows/runtime-interface-client_merge_to_main.yml b/.github/workflows/runtime-interface-client_merge_to_main.yml index f6631075..d0d47911 100644 --- a/.github/workflows/runtime-interface-client_merge_to_main.yml +++ b/.github/workflows/runtime-interface-client_merge_to_main.yml @@ -28,20 +28,20 @@ jobs: contents: read steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up JDK 1.8 - uses: actions/setup-java@v5 + uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5 with: java-version: 8 distribution: corretto cache: maven - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3 with: install: true @@ -62,7 +62,7 @@ jobs: if: env.ENABLE_SNAPSHOT != null env: ENABLE_SNAPSHOT: ${{ secrets.ENABLE_SNAPSHOT }} - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@7474bc4690e29a8392af63c5b98e7449536d5c3a # v4 with: aws-region: ${{ secrets.AWS_REGION }} role-to-assume: ${{ secrets.AWS_ROLE }} @@ -91,6 +91,6 @@ jobs: - name: Upload coverage to Codecov if: env.CODECOV_TOKEN != null - uses: codecov/codecov-action@v5 + uses: codecov/codecov-action@75cd11691c0faa626561e295848008c8a7dddffe # v5 env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} diff --git a/.github/workflows/runtime-interface-client_pr.yml b/.github/workflows/runtime-interface-client_pr.yml index 645f1069..e0522005 100644 --- a/.github/workflows/runtime-interface-client_pr.yml +++ b/.github/workflows/runtime-interface-client_pr.yml @@ -58,7 +58,7 @@ jobs: cache: maven - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 @@ -90,6 +90,6 @@ jobs: - name: Upload coverage to Codecov if: env.CODECOV_TOKEN != null - uses: codecov/codecov-action@v5 + uses: codecov/codecov-action@75cd11691c0faa626561e295848008c8a7dddffe # v5 env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} diff --git a/.github/workflows/samples.yml b/.github/workflows/samples.yml index ef961c3e..68e25827 100644 --- a/.github/workflows/samples.yml +++ b/.github/workflows/samples.yml @@ -73,7 +73,7 @@ jobs: # Build custom-serialization samples - name: install sam - uses: aws-actions/setup-sam@v2 + uses: aws-actions/setup-sam@d78e1a4a9656d3b223e59b80676a797f20093133 # v2 - name: test fastJson run: cd samples/custom-serialization/fastJson && sam build && sam local invoke -e events/event.json | grep 200 - name: test gson