Skip to content

feat: use full commit SHA hash for dependency #42

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
shenxianpeng merged 1 commit into from
Sep 1, 2025
Merged

feat: use full commit SHA hash for dependency #42

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 4 additions & 4 deletions .github/workflows/codeql.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,11 +43,11 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@v5
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
uses: github/codeql-action/init@3c3833e0f8c1c83d449a7478aa59c036a9165498 #v3
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
Expand All @@ -60,7 +60,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v3
uses: github/codeql-action/autobuild@3c3833e0f8c1c83d449a7478aa59c036a9165498 #v3

# ℹ️ Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl
Expand All @@ -74,6 +74,6 @@ jobs:
# make release

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
uses: github/codeql-action/analyze@3c3833e0f8c1c83d449a7478aa59c036a9165498 #v3
with:
category: "/language:${{matrix.language}}"
6 changes: 3 additions & 3 deletions .github/workflows/mkdocs.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,16 +7,16 @@ jobs:
mkdocs-deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5
- uses: astral-sh/setup-uv@v6
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5
- uses: astral-sh/setup-uv@4959332f0f014c5280e7eac8b70c90cb574c9f9b #v6
- name: Install dependencies
run: uv sync --group docs
- name: Check mkdocs build
if: github.ref != 'refs/heads/main'
run: uv run mkdocs build
- name: Upload docs build as artifact
if: github.ref != 'refs/heads/main'
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 #v4
with:
name: ${{ github.event.repository.name }}_docs
path: ${{ github.workspace }}/site
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/pre-commit.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,16 +13,16 @@ jobs:
run-pre-commit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5
- uses: actions/setup-python@v5
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5
- uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 #v5
id: python-setup
with:
python-version: '3.x'
- name: Run commands
if: inputs.commands
run: ${{ inputs.commands }}
- name: Cache pre-commit environments
uses: actions/cache@v4
uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 #v4
with:
path: '~/.cache/pre-commit'
key: pre-commit-${{ steps.python-setup.outputs.python-version }}-${{ hashFiles('.pre-commit-config.yaml') }}
Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/py-coverage.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,16 +8,16 @@ jobs:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v5
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5

- name: Download all artifacts
uses: actions/download-artifact@v5
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 #v5
with:
pattern: coverage-data-*
merge-multiple: true

- name: Setup python
uses: actions/setup-python@v5
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 #v5
with:
python-version: '3.x'

Expand All @@ -28,14 +28,14 @@ jobs:
coverage html

- name: Upload comprehensive coverage HTML report
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 #v4
with:
name: coverage-report
path: htmlcov/

- run: coverage report && coverage xml

- uses: codecov/codecov-action@v5
- uses: codecov/codecov-action@fdcc8476540edceab3de004e990f80d881c6cc00 #v5
env:
CODECOV_TOKEN: ${{secrets.CODECOV_TOKEN}}
with:
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/py-publish.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,12 +13,12 @@ jobs:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v5
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5
# use fetch --all for setuptools_scm to work
with:
fetch-depth: 0
- name: Set up Python
uses: actions/setup-python@v5
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 #v5
with:
python-version: '3.x'

Expand All @@ -32,7 +32,7 @@ jobs:
run: twine check dist/*

- name: Create attestations
uses: actions/attest-build-provenance@v3
uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a #v3
with:
subject-path: 'dist/*'

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/release-drafter.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ jobs:
runs-on: ubuntu-latest
steps:
# Draft your next Release notes as Pull Requests are merged into the default branch
- uses: release-drafter/release-drafter@v6
- uses: release-drafter/release-drafter@b1476f6e6eb133afa41ed8589daba6dc69b4d3f5 #v6
with:
commitish: '${{ inputs.commitish }}'
env:
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/snyk-container.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,10 +7,10 @@ jobs:
snyk:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5
- name: Run Snyk to check Docker image for vulnerabilities
continue-on-error: true
uses: snyk/actions/docker@master
uses: snyk/actions/docker@b98d498629f1c368650224d6d212bf7dfa89e4bf #v0.4.0
env:
# In order to use the Snyk Action you will need to have a Snyk API token.
# More details in https://github.com/snyk/actions#getting-your-snyk-token
Expand All @@ -21,6 +21,6 @@ jobs:
args: --severity-threshold=high --file=Dockerfile.all

- name: Upload result to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v3
uses: github/codeql-action/upload-sarif@3c3833e0f8c1c83d449a7478aa59c036a9165498 #v3
with:
sarif_file: snyk.sarif
8 changes: 4 additions & 4 deletions .github/workflows/sphinx.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,8 @@ jobs:
sphinx-deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5
- uses: astral-sh/setup-uv@v6
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5
- uses: astral-sh/setup-uv@4959332f0f014c5280e7eac8b70c90cb574c9f9b #v6

- name: Install dependencies
run: uv sync --group docs
Expand All @@ -23,15 +23,15 @@ jobs:
run: uv run sphinx-build docs ${{ inputs.path-to-doc }}

- name: Upload docs build as artifact
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 #v4
with:
name: ${{ github.event.repository.name }}_docs
path: ${{ github.workspace }}/${{ inputs.path-to-doc }}

- name: Upload to github pages
# only publish doc changes from main branch
if: github.ref == 'refs/heads/main'
uses: peaceiris/actions-gh-pages@v4
uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e #v4
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
publish_dir: ./${{ inputs.path-to-doc }}
2 changes: 1 addition & 1 deletion .github/workflows/stale.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ jobs:
stale:
runs-on: ubuntu-latest
steps:
- uses: actions/stale@v9
- uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 #v9
with:
stale-issue-message: >-
This issue has been automatically marked as stale because
Expand Down