diff options
author | Diogo Teles Sant'Anna <diogoteles@google.com> | 2023-12-13 04:17:13 (GMT) |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-12-13 04:17:13 (GMT) |
commit | b7423ffbe5826697e293963706c75b2dfe9d2788 (patch) | |
tree | 607607fb6a15528de5d0eb7cc9ed51a19a1a4f34 /.github/workflows/release-files.yml | |
parent | e81fb9eddf4643a4b31b155403e1d475b6e5af17 (diff) | |
download | hdf5-b7423ffbe5826697e293963706c75b2dfe9d2788.zip hdf5-b7423ffbe5826697e293963706c75b2dfe9d2788.tar.gz hdf5-b7423ffbe5826697e293963706c75b2dfe9d2788.tar.bz2 |
Feat: Hashpin sensitive dependencies on GitHub Actions and enable Dependabot to update them monthly (#3892)
* feat: hashpin sensitive dependencies on GHAs
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* feat: enable dependabot for monthly updates on GHA
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
---------
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
Diffstat (limited to '.github/workflows/release-files.yml')
-rw-r--r-- | .github/workflows/release-files.yml | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/.github/workflows/release-files.yml b/.github/workflows/release-files.yml index 5a31544..2505534 100644 --- a/.github/workflows/release-files.yml +++ b/.github/workflows/release-files.yml @@ -40,14 +40,14 @@ jobs: steps: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - name: Get Sources - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 - run: | git checkout ${{ inputs.file_sha }} - - uses: rickstaa/action-create-tag@v1 + - uses: rickstaa/action-create-tag@a1c7777fcb2fee4f19b0f283ba888afa11678b72 # v1.7.2 id: "tag_create" with: commit_sha: ${{ inputs.file_sha }} @@ -75,7 +75,7 @@ jobs: # Get files created by tarball script - name: Get doxygen (Linux) - uses: actions/download-artifact@v3 + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: docs-doxygen path: ${{ github.workspace }}/${{ steps.get-file-base.outputs.FILE_BASE }}.doxygen @@ -84,32 +84,32 @@ jobs: run: zip -r ${{ steps.get-file-base.outputs.FILE_BASE }}.doxygen.zip ./${{ steps.get-file-base.outputs.FILE_BASE }}.doxygen - name: Get tgz-tarball (Linux) - uses: actions/download-artifact@v3 + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: tgz-tarball path: ${{ github.workspace }} - name: Get zip-tarball (Windows) - uses: actions/download-artifact@v3 + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: zip-tarball path: ${{ github.workspace }} # Get files created by cmake-ctest script - name: Get published binary (Windows) - uses: actions/download-artifact@v3 + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: zip-vs2022-binary path: ${{ github.workspace }} - name: Get published binary (MacOS) - uses: actions/download-artifact@v3 + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: tgz-osx12-binary path: ${{ github.workspace }} - name: Get published binary (Linux) - uses: actions/download-artifact@v3 + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: tgz-ubuntu-2204-binary path: ${{ github.workspace }} @@ -121,7 +121,7 @@ jobs: - name: PreRelease tag id: create_prerelease if: ${{ (inputs.use_environ == 'snapshots') }} - uses: softprops/action-gh-release@v1 + uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v1 with: tag_name: "${{ inputs.use_tag }}" prerelease: true @@ -138,7 +138,7 @@ jobs: - name: Release tag id: create_release if: ${{ (inputs.use_environ == 'release') }} - uses: softprops/action-gh-release@v1 + uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v1 with: tag_name: "${{ inputs.use_tag }}" prerelease: false @@ -158,7 +158,7 @@ jobs: ls ${{ runner.workspace }} - name: dev-only-docs - uses: peaceiris/actions-gh-pages@v3 + uses: peaceiris/actions-gh-pages@373f7f263a76c20808c831209c920827a82a2847 # v3.9.3 with: github_token: ${{ secrets.GITHUB_TOKEN }} publish_dir: ${{ github.workspace }}/${{ steps.get-file-base.outputs.FILE_BASE }}.doxygen |