From 7e6f782633e56c5992ecc24c97bb1dc842cc02ba Mon Sep 17 00:00:00 2001 From: "minder-by-stacklok[bot]" <165083860+github-actions[bot]@users.noreply.github.com> Date: Fri, 17 May 2024 10:44:32 +0000 Subject: [PATCH] Replace unpinned actions with pinned action --- .github/workflows/badges.yml | 106 +++++++++++++------------- .github/workflows/ci.yml | 61 ++++++++------- .github/workflows/codeql-analysis.yml | 68 ++++++++--------- .github/workflows/libyear.yml | 21 +++-- 4 files changed, 122 insertions(+), 134 deletions(-) diff --git a/.github/workflows/badges.yml b/.github/workflows/badges.yml index fc78851..fdb7298 100644 --- a/.github/workflows/badges.yml +++ b/.github/workflows/badges.yml @@ -5,61 +5,59 @@ on: - develop schedule: - cron: "0 0 * * *" - jobs: get-badges: runs-on: ubuntu-latest steps: - - uses: actions/checkout@master - - name: Use Node.js - uses: actions/setup-node@v1 - with: - node-version: 10.x - - run: npm install - - id: libyear - uses: ./ - - run: mkdir badges - - uses: emibcn/badge-action@v1 - with: - label: 'libyear drift' - status: ${{ steps.libyear.outputs.drift }} year(s) behind - color: 'blue' - path: 'badges/drift.svg' - - uses: emibcn/badge-action@v1 - with: - label: 'libyear pulse' - status: ${{ steps.libyear.outputs.pulse }} year(s) behind - color: 'blue' - path: 'badges/pulse.svg' - - uses: emibcn/badge-action@v1 - with: - label: 'libyear' - status: ${{ steps.libyear.outputs.releases }} release(s) behind - color: 'blue' - path: 'badges/releases.svg' - - uses: emibcn/badge-action@v1 - with: - label: 'libyear' - status: ${{ steps.libyear.outputs.major }} major release(s) behind - color: 'blue' - path: 'badges/major.svg' - - uses: emibcn/badge-action@v1 - with: - label: 'libyear' - status: ${{ steps.libyear.outputs.minor }} minor release(s) behind - color: 'blue' - path: 'badges/minor.svg' - - uses: emibcn/badge-action@v1 - with: - label: 'libyear' - status: ${{ steps.libyear.outputs.patch }} patch release(s) behind - color: 'blue' - path: 'badges/patch.svg' - - uses: s0/git-publish-subdir-action@develop - env: - REPO: self - BRANCH: badges - FOLDER: badges - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - SQUASH_HISTORY: true - + - uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master + - name: Use Node.js + uses: actions/setup-node@f1f314fca9dfce2769ece7d933488f076716723e # v1 + with: + node-version: 10.x + - run: npm install + - id: libyear + uses: ./ + - run: mkdir badges + - uses: emibcn/badge-action@d5e1c38612d8a624b9b49f9d8c8b5c82cd11ef19 # v1 + with: + label: 'libyear drift' + status: ${{ steps.libyear.outputs.drift }} year(s) behind + color: 'blue' + path: 'badges/drift.svg' + - uses: emibcn/badge-action@d5e1c38612d8a624b9b49f9d8c8b5c82cd11ef19 # v1 + with: + label: 'libyear pulse' + status: ${{ steps.libyear.outputs.pulse }} year(s) behind + color: 'blue' + path: 'badges/pulse.svg' + - uses: emibcn/badge-action@d5e1c38612d8a624b9b49f9d8c8b5c82cd11ef19 # v1 + with: + label: 'libyear' + status: ${{ steps.libyear.outputs.releases }} release(s) behind + color: 'blue' + path: 'badges/releases.svg' + - uses: emibcn/badge-action@d5e1c38612d8a624b9b49f9d8c8b5c82cd11ef19 # v1 + with: + label: 'libyear' + status: ${{ steps.libyear.outputs.major }} major release(s) behind + color: 'blue' + path: 'badges/major.svg' + - uses: emibcn/badge-action@d5e1c38612d8a624b9b49f9d8c8b5c82cd11ef19 # v1 + with: + label: 'libyear' + status: ${{ steps.libyear.outputs.minor }} minor release(s) behind + color: 'blue' + path: 'badges/minor.svg' + - uses: emibcn/badge-action@d5e1c38612d8a624b9b49f9d8c8b5c82cd11ef19 # v1 + with: + label: 'libyear' + status: ${{ steps.libyear.outputs.patch }} patch release(s) behind + color: 'blue' + path: 'badges/patch.svg' + - uses: s0/git-publish-subdir-action@5bc6742efb946f4cba68c7a9067a31ea5631071d # develop + env: + REPO: self + BRANCH: badges + FOLDER: badges + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SQUASH_HISTORY: true diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 68692d1..a2aa46f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,42 +1,41 @@ name: Test branch on: push - jobs: ci: name: Run Build and check output is checked-in runs-on: ubuntu-latest steps: - - uses: actions/checkout@master - - name: Use Node.js - uses: actions/setup-node@v1 - with: - node-version: 10.x - - name: 'Build' - run: | - npm install - npm run build - - name: Check no files have changes - run: git diff --exit-code + - uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master + - name: Use Node.js + uses: actions/setup-node@f1f314fca9dfce2769ece7d933488f076716723e # v1 + with: + node-version: 10.x + - name: 'Build' + run: | + npm install + npm run build + - name: Check no files have changes + run: git diff --exit-code unit-tests: name: Run Unit Tests runs-on: ubuntu-latest steps: - - uses: actions/checkout@master - - name: Use Node.js - uses: actions/setup-node@v1 - with: - node-version: 10.x - - name: Install NPM Packages - run: | - npm install - - name: Run Unit Tests - run: | - npm run test -- --coverage - - name: Check Linting - run: | - npm run lint - - name: Submit to CodeCov - uses: codecov/codecov-action@v1 - with: - file: ./coverage/lcov.info - fail_ci_if_error: true + - uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master + - name: Use Node.js + uses: actions/setup-node@f1f314fca9dfce2769ece7d933488f076716723e # v1 + with: + node-version: 10.x + - name: Install NPM Packages + run: | + npm install + - name: Run Unit Tests + run: | + npm run test -- --coverage + - name: Check Linting + run: | + npm run lint + - name: Submit to CodeCov + uses: codecov/codecov-action@29386c70ef20e286228c72b668a06fd0e8399192 # v1 + with: + file: ./coverage/lcov.info + fail_ci_if_error: true diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index bfe5fc3..517a6ca 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -10,16 +10,14 @@ # supported CodeQL languages. # name: "CodeQL" - on: push: - branches: [ develop ] + branches: [develop] pull_request: # The branches below must be a subset of the branches above - branches: [ develop ] + branches: [develop] schedule: - cron: '19 14 * * 2' - jobs: analyze: name: Analyze @@ -28,44 +26,38 @@ jobs: actions: read contents: read security-events: write - strategy: fail-fast: false matrix: - language: [ 'javascript' ] + language: ['javascript'] # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ] # Learn more: # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed - steps: - - name: Checkout repository - uses: actions/checkout@v2 - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v1 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. - # queries: ./path/to/local/query, your-org/your-repo/queries@main - - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@v1 - - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 https://git.io/JvXDl - - # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines - # and modify them (or add more) to build your code if your project - # uses a compiled language - - #- run: | - # make bootstrap - # make release - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 + - name: Checkout repository + uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@2adeade71c5a811210de40b090a358ed9581536c # v1 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + # queries: ./path/to/local/query, your-org/your-repo/queries@main + # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@2adeade71c5a811210de40b090a358ed9581536c # v1 + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 https://git.io/JvXDl + + # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines + # and modify them (or add more) to build your code if your project + # uses a compiled language + + #- run: | + # make bootstrap + # make release + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@2adeade71c5a811210de40b090a358ed9581536c # v1 diff --git a/.github/workflows/libyear.yml b/.github/workflows/libyear.yml index 8b3fd5d..5dca491 100644 --- a/.github/workflows/libyear.yml +++ b/.github/workflows/libyear.yml @@ -1,18 +1,17 @@ name: Libyear on: push - jobs: libyear: name: Libyear runs-on: ubuntu-latest steps: - - uses: actions/checkout@master - - name: Use Node.js - uses: actions/setup-node@v1 - with: - node-version: 10.x - - name: 'Install NPM Packages' - run: | - npm install - - name: Run libyear action - uses: ./ + - uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master + - name: Use Node.js + uses: actions/setup-node@f1f314fca9dfce2769ece7d933488f076716723e # v1 + with: + node-version: 10.x + - name: 'Install NPM Packages' + run: | + npm install + - name: Run libyear action + uses: ./