Skip to content

Commit

Permalink
pin actions
Browse files Browse the repository at this point in the history
  • Loading branch information
cofiem committed Jan 12, 2025
1 parent 40818d0 commit 21f9252
Show file tree
Hide file tree
Showing 4 changed files with 6 additions and 6 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/code-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ jobs:
uses: github/codeql-action/analyze@v3

- name: Run pip audit
uses: pypa/gh-action-pip-audit@v1.1.0
uses: pypa/gh-action-pip-audit@1220774d901786e6f652ae159f7b6bc8fea6d266
continue-on-error: true
with:
inputs: '.'
6 changes: 3 additions & 3 deletions .github/workflows/pypi-package.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ jobs:
fetch-depth: 0
persist-credentials: false

- uses: hynek/build-and-inspect-python-package@v2
- uses: hynek/build-and-inspect-python-package@14c7e53f5d033cfa99f7af916fa59a6f7f356394
with:
attest-build-provenance-github: 'true'

Expand All @@ -53,7 +53,7 @@ jobs:
path: dist

- name: Upload package to Test PyPI
uses: pypa/gh-action-pypi-publish@release/v1
uses: pypa/gh-action-pypi-publish@67339c736fd9354cd4f8cb0b744f2b82a74b5c70
with:
repository-url: https://test.pypi.org/legacy/
print-hash: true
Expand Down Expand Up @@ -81,7 +81,7 @@ jobs:
path: dist

- name: Upload package to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
uses: pypa/gh-action-pypi-publish@67339c736fd9354cd4f8cb0b744f2b82a74b5c70
with:
print-hash: true
verbose: true
2 changes: 1 addition & 1 deletion .github/workflows/test-package.yml
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ jobs:
fetch-depth: 0
persist-credentials: false

- uses: hynek/build-and-inspect-python-package@v2
- uses: hynek/build-and-inspect-python-package@14c7e53f5d033cfa99f7af916fa59a6f7f356394
id: baipp

outputs:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/zizmor.yml
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ jobs:
persist-credentials: false

- name: Setup Rust
uses: actions-rust-lang/setup-rust-toolchain@v1
uses: actions-rust-lang/setup-rust-toolchain@11df97af8e8102fd60b60a77dfbf58d40cd843b8

- name: Get zizmor
run: cargo install zizmor
Expand Down

0 comments on commit 21f9252

Please sign in to comment.