From ad9514f3f06efafbff4ba88359ec4958704766f0 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 3 Dec 2024 14:13:27 +0000 Subject: [PATCH] Pin dependencies --- .github/workflows/codeql.yml | 10 +++++----- .github/workflows/gradle.yml | 12 ++++++------ .github/workflows/groovy-joint-workflow.yml | 16 ++++++++-------- .github/workflows/release-notes.yml | 2 +- .github/workflows/release.yml | 12 ++++++------ .github/workflows/retry-release.yml | 4 ++-- .github/workflows/sdkman.yml | 6 +++--- 7 files changed, 31 insertions(+), 31 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index db4c4598843..8b816201e8a 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -38,15 +38,15 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: "☕ī¸ Setup JDK" - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4 with: distribution: liberica java-version: 17 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -57,7 +57,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v3 + uses: github/codeql-action/autobuild@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -71,4 +71,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3 diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml index 55371027c58..d1052169e2c 100644 --- a/.github/workflows/gradle.yml +++ b/.github/workflows/gradle.yml @@ -20,14 +20,14 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: "đŸ“Ĩ Checkout repository" - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: "☕ī¸ Setup JDK" - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4 with: distribution: liberica java-version: ${{ matrix.java }} - name: "🐘 Setup Gradle" - uses: gradle/actions/setup-gradle@v4 + uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4 with: develocity-access-key: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - name: "🔨 Build project" @@ -44,14 +44,14 @@ jobs: runs-on: ubuntu-latest steps: - name: "đŸ“Ĩ Checkout repository" - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: "☕ī¸ Setup JDK" - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4 with: distribution: liberica java-version: 17 - name: "🐘 Setup Gradle" - uses: gradle/actions/setup-gradle@v4 + uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4 with: develocity-access-key: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - name: "📤 Publish Snapshot Artifacts to Artifactory (repo.grails.org/libs-snapshot-local)" diff --git a/.github/workflows/groovy-joint-workflow.yml b/.github/workflows/groovy-joint-workflow.yml index 0fe1d42d3f6..391ff7feded 100644 --- a/.github/workflows/groovy-joint-workflow.yml +++ b/.github/workflows/groovy-joint-workflow.yml @@ -16,17 +16,17 @@ jobs: groovyVersion: ${{ steps.groovy-version.outputs.value }} steps: - name: "☕ī¸ Setup JDK" - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4 with: distribution: liberica java-version: 17 - name: "🗄ī¸ Cache local Maven repository" - uses: actions/cache@v4 + uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 with: path: ~/.m2/repository key: cache-local-maven-${{ github.sha }} - name: "đŸ“Ĩ Checkout Grails Core to fetch Gradle Plugin versions it uses" - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: sparse-checkout-cone-mode: false sparse-checkout: settings.gradle @@ -43,7 +43,7 @@ jobs: - name: "đŸ“Ĩ Checkout Groovy 4_0_X (Grails 7 and later)" run: git clone --depth 1 https://github.com/apache/groovy.git -b GROOVY_4_0_X --single-branch - name: "🐘 Setup Gradle" - uses: gradle/actions/setup-gradle@v4 + uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4 with: develocity-access-key: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - name: "📝 Store Groovy version to use when building Grails" @@ -117,18 +117,18 @@ jobs: runs-on: ubuntu-latest steps: - name: "đŸ“Ĩ Checkout project" - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: "☕ī¸ Setup JDK" - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4 with: distribution: liberica java-version: 17 - name: "🐘 Setup Gradle" - uses: gradle/actions/setup-gradle@v4 + uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4 with: develocity-access-key: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - name: "🗄ī¸ Restore local Maven repository from cache" - uses: actions/cache@v4 + uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 with: path: ~/.m2/repository key: cache-local-maven-${{ github.sha }} diff --git a/.github/workflows/release-notes.yml b/.github/workflows/release-notes.yml index f40a82c4567..a4b35828a54 100644 --- a/.github/workflows/release-notes.yml +++ b/.github/workflows/release-notes.yml @@ -19,6 +19,6 @@ jobs: runs-on: ubuntu-latest steps: - name: "📝 Update Release Draft" - uses: release-drafter/release-drafter@v6 + uses: release-drafter/release-drafter@3f0f87098bd6b5c5b9a36d49c41d998ea58f9348 # v6 env: GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2f5923afc80..34a4e4e417b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -17,14 +17,14 @@ jobs: GIT_USER_EMAIL: 'grails-build@users.noreply.github.com' steps: - name: "đŸ“Ĩ Checkout repository" - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: "☕ī¸ Setup JDK" - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4 with: distribution: liberica java-version: 17 - name: "🐘 Setup Gradle" - uses: gradle/actions/setup-gradle@v4 + uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4 with: develocity-access-key: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - name: "📝 Store the target branch" @@ -90,17 +90,17 @@ jobs: contents: read # limit to read access steps: - name: "đŸ“Ĩ Checkout repository" - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: token: ${{ secrets.GH_TOKEN }} ref: v${{ needs.publish.outputs.release_version }} - name: "☕ī¸ Setup JDK" - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4 with: distribution: liberica java-version: 17 - name: "🐘 Setup Gradle" - uses: gradle/actions/setup-gradle@v4 + uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4 with: develocity-access-key: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - name: "đŸšĒ Nexus Staging Close And Release" diff --git a/.github/workflows/retry-release.yml b/.github/workflows/retry-release.yml index 9988e1b4bdb..0ddac0d012c 100644 --- a/.github/workflows/retry-release.yml +++ b/.github/workflows/retry-release.yml @@ -20,7 +20,7 @@ jobs: GIT_USER_EMAIL: 'grails-build@users.noreply.github.com' steps: - name: "đŸ“Ĩ Checkout repository" - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: ref: "v${{ github.event.inputs.release }}" token: ${{ secrets.GH_TOKEN }} @@ -30,7 +30,7 @@ jobs: distribution: liberica java-version: 17 - name: "🐘 Setup Gradle" - uses: gradle/actions/setup-gradle@v4 + uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4 with: develocity-access-key: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - name: "📝 Store the target branch" diff --git a/.github/workflows/sdkman.yml b/.github/workflows/sdkman.yml index 013bd36160c..495ec67774a 100644 --- a/.github/workflows/sdkman.yml +++ b/.github/workflows/sdkman.yml @@ -12,17 +12,17 @@ jobs: contents: read steps: - name: "đŸ“Ĩ Checkout repository" - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: token: ${{ secrets.GH_TOKEN }} ref: v${{ github.event.inputs.version }} - name: "☕ī¸ Setup JDK" - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4 with: distribution: liberica java-version: 17 - name: "🐘 Setup Gradle" - uses: gradle/actions/setup-gradle@v4 + uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4 with: develocity-access-key: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - name: "🏆 Grails SDK Minor Release"