diff --git a/.github/workflows/deploy-azure-assets.yaml b/.github/workflows/deploy-azure-assets.yaml index ecd296108..f1174db96 100644 --- a/.github/workflows/deploy-azure-assets.yaml +++ b/.github/workflows/deploy-azure-assets.yaml @@ -18,7 +18,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Get the version id: get-version diff --git a/.github/workflows/docker-test.yaml b/.github/workflows/docker-test.yaml index 5ca1346fd..b0a2ac6b2 100644 --- a/.github/workflows/docker-test.yaml +++ b/.github/workflows/docker-test.yaml @@ -19,7 +19,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: "Checkout" - uses: "actions/checkout@v4" + uses: "actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd" # v6.0.2 - name: "Prepare action (adjust configure-guides-step)" ################################################################## diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml index d756b3003..eec067dc4 100644 --- a/.github/workflows/docker.yaml +++ b/.github/workflows/docker.yaml @@ -20,7 +20,7 @@ jobs: - linux/amd64 - linux/arm64 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Prepare image name run: | @@ -31,7 +31,7 @@ jobs: - name: Docker meta id: meta - uses: docker/metadata-action@v5 + uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} tags: | @@ -42,24 +42,24 @@ jobs: type=semver,pattern={{major}} - name: Log in to the Container registry - uses: docker/login-action@v3 + uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Build and push id: build env: TYPO3AZUREEDGEURIVERSION: ${{ env.DOCKER_METADATA_OUTPUT_VERSION }} - uses: docker/build-push-action@v6 + uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2 with: context: . push: ${{ github.event_name != 'pull_request' }} @@ -77,7 +77,7 @@ jobs: touch "/tmp/digests/${digest#sha256:}" - name: Upload digest - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: digests-${{ env.PLATFORM_NAME }} overwrite: true @@ -97,18 +97,18 @@ jobs: - name: Download digests - uses: actions/download-artifact@v4 + uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 with: pattern: digests-* merge-multiple: true path: /tmp/digests - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Docker meta id: meta - uses: docker/metadata-action@v5 + uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} tags: | @@ -118,7 +118,7 @@ jobs: type=raw,value=latest,enable=true - name: Log in to the Container registry - uses: docker/login-action@v3 + uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index 287b00f89..071d93d8c 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -22,19 +22,20 @@ jobs: - '8.2' - '8.3' - '8.4' + - '8.5' steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: "Install PHP" - uses: "shivammathur/setup-php@v2" + uses: "shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1" # v2.36.0 with: coverage: "none" php-version: "${{ matrix.php }}" extensions: 'inotify, pcntl' - name: "Install dependencies with Composer" - uses: "ramsey/composer-install@v2" + uses: "ramsey/composer-install@3cf229dc2919194e9e36783941438d17239e8520" # 3.1.1 with: dependency-versions: "locked" @@ -49,17 +50,17 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: "Install PHP" - uses: "shivammathur/setup-php@v2" + uses: "shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1" # v2.36.0 with: coverage: "none" php-version: "${{ env.DEFAULT_PHP_VERSION }}" extensions: 'inotify, pcntl' - name: "Install dependencies with Composer" - uses: "ramsey/composer-install@v2" + uses: "ramsey/composer-install@3cf229dc2919194e9e36783941438d17239e8520" # 3.1.1 with: dependency-versions: "locked" @@ -86,17 +87,17 @@ jobs: runs-on: "ubuntu-latest" steps: - name: "Checkout" - uses: "actions/checkout@v4" + uses: "actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd" # v6.0.2 - name: "Install PHP" - uses: "shivammathur/setup-php@v2" + uses: "shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1" # v2.36.0 with: coverage: "none" php-version: "${{ env.DEFAULT_PHP_VERSION }}" extensions: 'inotify, pcntl' - name: "Install dependencies with Composer" - uses: "ramsey/composer-install@v2" + uses: "ramsey/composer-install@3cf229dc2919194e9e36783941438d17239e8520" # 3.1.1 with: dependency-versions: "locked" diff --git a/.github/workflows/pr-auto-approve.yaml b/.github/workflows/pr-auto-approve.yaml index fe43162e0..b575acbe4 100644 --- a/.github/workflows/pr-auto-approve.yaml +++ b/.github/workflows/pr-auto-approve.yaml @@ -18,7 +18,7 @@ jobs: steps: - name: Dependabot metadata id: metadata - uses: dependabot/fetch-metadata@v1 + uses: dependabot/fetch-metadata@21025c705c08248db411dc16f3619e6b5f9ea21a # v2.5.0 with: github-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/pr-auto-merge.yaml b/.github/workflows/pr-auto-merge.yaml index 013e8efc3..24ba26948 100644 --- a/.github/workflows/pr-auto-merge.yaml +++ b/.github/workflows/pr-auto-merge.yaml @@ -17,7 +17,7 @@ jobs: steps: - name: Dependabot metadata id: metadata - uses: dependabot/fetch-metadata@d7267f607e9d3fb96fc2fbe83e0af444713e90b7 + uses: dependabot/fetch-metadata@21025c705c08248db411dc16f3619e6b5f9ea21a # v2.5.0 with: github-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/split-repositories.yaml b/.github/workflows/split-repositories.yaml index 295699d1c..57ca11dc3 100644 --- a/.github/workflows/split-repositories.yaml +++ b/.github/workflows/split-repositories.yaml @@ -20,22 +20,22 @@ jobs: runs-on: "ubuntu-latest" name: "Publish Sub-split" steps: - - uses: "actions/checkout@v4" + - uses: "actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd" # v6.0.2 with: fetch-depth: "0" persist-credentials: "false" - - uses: "frankdejonge/use-github-token@1.0.2" + - uses: "frankdejonge/use-github-token@15e6289d07c12b3b1603268a628bb74f2e9765f4" # 1.1.0 with: authentication: "typo3-documentation-team:${{ secrets.BOT_TOKEN }}" user_name: "TYPO3 Documentation Team" user_email: "documentation-automation@typo3.com" - name: "Cache splitsh-lite" id: "splitsh-cache" - uses: "actions/cache@v4" + uses: "actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306" # v5.0.3 with: path: "./.splitsh" key: "${{ runner.os }}-splitsh-d-101" - - uses: "frankdejonge/use-subsplit-publish@1.0.0" + - uses: "frankdejonge/use-subsplit-publish@0001015147267203898034927e8cccad3a7a9aa7" # 1.1.0 with: source-branch: "main" config-path: "./config.subsplit-publish.json"