From 071c88bbda4ebad9d7ac6d8fd48190d3e50233ba Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 19 Jun 2026 17:59:08 +0000 Subject: [PATCH] Pin dependencies --- .github/workflows/cargotest.yml | 4 ++-- .github/workflows/compile.yml | 6 +++--- .github/workflows/coverity.yml | 6 +++--- .github/workflows/lmdbpytest.yml | 14 +++++++------- .github/workflows/npm.yml | 4 ++-- .github/workflows/pytest.yml | 14 +++++++------- .github/workflows/release.yml | 8 ++++---- .github/workflows/validate.yml | 4 ++-- 8 files changed, 30 insertions(+), 30 deletions(-) diff --git a/.github/workflows/cargotest.yml b/.github/workflows/cargotest.yml index 37476875ba..5da4178d1f 100644 --- a/.github/workflows/cargotest.yml +++ b/.github/workflows/cargotest.yml @@ -22,11 +22,11 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 60 container: - image: quay.io/389ds/ci-images:fedora + image: quay.io/389ds/ci-images:fedora@sha256:5096a5980a8c158d591b27badf41d5cdb895e774144191af745c7cc1d8d8b79f steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Add GITHUB_WORKSPACE as a safe directory run: git config --global --add safe.directory "$GITHUB_WORKSPACE" diff --git a/.github/workflows/compile.yml b/.github/workflows/compile.yml index 50d789f8ac..ba1b559c14 100644 --- a/.github/workflows/compile.yml +++ b/.github/workflows/compile.yml @@ -63,7 +63,7 @@ jobs: image: ${{ matrix.image }} steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Checkout and configure run: autoreconf -fvi && ./configure env: @@ -73,11 +73,11 @@ jobs: CXXFLAGS: ${{ matrix.cxxflags || env.CXXFLAGS }} LDFLAGS: ${{ matrix.ldflags || env.LDFLAGS }} - - uses: ammaraskar/gcc-problem-matcher@0.3.0 + - uses: ammaraskar/gcc-problem-matcher@0f9c86f9e693db67dacf53986e1674de5f2e5f28 # 0.3.0 - name: Build using ${{ matrix.compiler }} run: bash -c "(make V=0 2> >(tee /dev/stderr)) > log.txt" - - uses: actions/upload-artifact@v7 + - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7 with: name: ${{ matrix.name }} path: log.txt diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml index c55246c9e5..36dafeb78c 100644 --- a/.github/workflows/coverity.yml +++ b/.github/workflows/coverity.yml @@ -9,14 +9,14 @@ jobs: runs-on: ubuntu-24.04 container: - image: quay.io/389ds/ci-images:fedora + image: quay.io/389ds/ci-images:fedora@sha256:5096a5980a8c158d591b27badf41d5cdb895e774144191af745c7cc1d8d8b79f steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Checkout and configure run: autoreconf -fvi && ./configure - - uses: vapier/coverity-scan-action@v1 + - uses: vapier/coverity-scan-action@2068473c7bdf8c2fb984a6a40ae76ee7facd7a85 # v1 with: project: '389ds/389-ds-base' command: make diff --git a/.github/workflows/lmdbpytest.yml b/.github/workflows/lmdbpytest.yml index 2038dfa304..cee5936db5 100644 --- a/.github/workflows/lmdbpytest.yml +++ b/.github/workflows/lmdbpytest.yml @@ -31,12 +31,12 @@ jobs: runs-on: ubuntu-24.04 timeout-minutes: 30 container: - image: quay.io/389ds/ci-images:test + image: quay.io/389ds/ci-images:test@sha256:aa3284e73f32483805d3eac4b4ee2d4b90a9259836982b5c15f161d5c319b785 outputs: matrix: ${{ steps.set-matrix.outputs.matrix }} steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Add GITHUB_WORKSPACE as a safe directory run: git config --global --add safe.directory "$GITHUB_WORKSPACE" @@ -52,7 +52,7 @@ jobs: run: tar -cvf dist.tar dist/ - name: Upload RPMs - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7 with: name: rpms path: dist.tar @@ -68,10 +68,10 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Setup tmate session - uses: mxschmitt/action-tmate@v3 + uses: mxschmitt/action-tmate@35b54afac29c97fb54faba5b513f8fbd1882f113 # v3 with: limit-access-to-actor: true if: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.debug_enabled }} @@ -101,7 +101,7 @@ jobs: df -h - name: Download RPMs - uses: actions/download-artifact@v8 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 with: name: rpms @@ -140,7 +140,7 @@ jobs: - name: Upload pytest test results if: always() - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7 with: name: pytest-${{ env.PYTEST_SUITE }} include-hidden-files: true diff --git a/.github/workflows/npm.yml b/.github/workflows/npm.yml index dd2858706f..037a46de7e 100644 --- a/.github/workflows/npm.yml +++ b/.github/workflows/npm.yml @@ -21,10 +21,10 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 15 container: - image: quay.io/389ds/ci-images:test + image: quay.io/389ds/ci-images:test@sha256:aa3284e73f32483805d3eac4b4ee2d4b90a9259836982b5c15f161d5c319b785 steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Run NPM Audit CI run: cd $GITHUB_WORKSPACE/src/cockpit/389-console && npx --yes audit-ci --config audit-ci.json diff --git a/.github/workflows/pytest.yml b/.github/workflows/pytest.yml index 5d0411816b..d74e9aeea4 100644 --- a/.github/workflows/pytest.yml +++ b/.github/workflows/pytest.yml @@ -31,12 +31,12 @@ jobs: runs-on: ubuntu-24.04 timeout-minutes: 30 container: - image: quay.io/389ds/ci-images:test + image: quay.io/389ds/ci-images:test@sha256:aa3284e73f32483805d3eac4b4ee2d4b90a9259836982b5c15f161d5c319b785 outputs: matrix: ${{ steps.set-matrix.outputs.matrix }} steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Add GITHUB_WORKSPACE as a safe directory run: git config --global --add safe.directory "$GITHUB_WORKSPACE" @@ -52,7 +52,7 @@ jobs: run: tar -cvf dist.tar dist/ - name: Upload RPMs - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7 with: name: rpms path: dist.tar @@ -68,10 +68,10 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Setup tmate session - uses: mxschmitt/action-tmate@v3 + uses: mxschmitt/action-tmate@35b54afac29c97fb54faba5b513f8fbd1882f113 # v3 with: limit-access-to-actor: true if: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.debug_enabled }} @@ -101,7 +101,7 @@ jobs: df -h - name: Download RPMs - uses: actions/download-artifact@v8 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 with: name: rpms @@ -146,7 +146,7 @@ jobs: - name: Upload pytest test results if: always() - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7 with: name: pytest-${{ env.PYTEST_SUITE }} include-hidden-files: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d2e1370747..9643e254ca 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -23,7 +23,7 @@ jobs: build: runs-on: ubuntu-latest container: - image: quay.io/389ds/ci-images:test + image: quay.io/389ds/ci-images:test@sha256:aa3284e73f32483805d3eac4b4ee2d4b90a9259836982b5c15f161d5c319b785 steps: - name: Get the version id: get_version @@ -33,7 +33,7 @@ jobs: VERSION: ${{ github.event.inputs.version || github.ref_name }} - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: fetch-depth: 0 ref: ${{ steps.get_version.outputs.version }} @@ -60,13 +60,13 @@ jobs: TAG=${{ steps.get_version.outputs.version }} make -f rpm.mk dist-bz2 - name: Upload tarball - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7 with: name: ${{ steps.get_version.outputs.version }}.tar.bz2 path: ${{ steps.get_version.outputs.version }}.tar.bz2 - name: Release - uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3 + uses: softprops/action-gh-release@718ea10b132b3b2eba29c1007bb80653f286566b # v3 with: tag_name: ${{ steps.get_version.outputs.version }} files: | diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 524c9821ea..91bc395503 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -18,10 +18,10 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 30 container: - image: quay.io/389ds/ci-images:test + image: quay.io/389ds/ci-images:test@sha256:aa3284e73f32483805d3eac4b4ee2d4b90a9259836982b5c15f161d5c319b785 steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Run testimony if: always()