Skip to content

Commit 26983b7

Browse files
PlaneshifterPlaneshifter
committed
build: pin internal GitHub actions via full-length commit SHA
1 parent 56d1b86 commit 26983b7

6 files changed

Lines changed: 14 additions & 7 deletions

.github/workflows/discussion_bot_response.yml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -48,7 +48,8 @@ jobs:
4848
steps:
4949
# Run the chatbot action:
5050
- name: 'Run chatbot action'
51-
uses: stdlib-js/stdlib-chat-bot@main
51+
# Pin action to full length commit SHA
52+
uses: stdlib-js/stdlib-chat-bot@6c0643a5a1eb3c782b2df3bfd11e836d2ac7268e # v0.0.1
5253
with:
5354
OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
5455
GITHUB_TOKEN: ${{ secrets.CHATBOT_GITHUB_TOKEN }}

.github/workflows/discussion_comment_bot_response.yml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -48,7 +48,8 @@ jobs:
4848
steps:
4949
# Run the chatbot action:
5050
- name: 'Run chatbot action'
51-
uses: stdlib-js/stdlib-chat-bot@main
51+
# Pin action to full length commit SHA
52+
uses: stdlib-js/stdlib-chat-bot@6c0643a5a1eb3c782b2df3bfd11e836d2ac7268e # v0.0.1
5253
with:
5354
OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
5455
GITHUB_TOKEN: ${{ secrets.CHATBOT_GITHUB_TOKEN }}

.github/workflows/markdown_src_attributes.yml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -85,7 +85,8 @@ jobs:
8585

8686
# Check for broken `src` attribute URLs:
8787
- name: 'Check `src` attribute URLs'
88-
uses: stdlib-js/check-markdown-src-action@main
88+
# Pin action to full length commit SHA
89+
uses: stdlib-js/check-markdown-src-action@9d9c0883b8c06a04576a146e480ef7937c51cdbf # v2.0.1
8990
id: results
9091
with:
9192
exclude: /path/to/

.github/workflows/scaffold_pkg_via_branch_push.yml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -75,7 +75,8 @@ jobs:
7575
# Run the command to scaffold a package:
7676
- name: 'Scaffold package'
7777
id: scaffold
78-
uses: stdlib-js/scaffold-pkg-pr-action@main
78+
# Pin action to full length commit SHA
79+
uses: stdlib-js/scaffold-pkg-pr-action@882ef0cbb70c1fb76135b9620232606686c1cb10 # v0.0.1
7980
with:
8081
OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
8182
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/scaffold_pkg_via_issue_comment.yml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -58,7 +58,8 @@ jobs:
5858
- name: 'Scaffold package'
5959
if: ${{ contains(github.event.comment.body, 'scaffold') }}
6060
id: scaffold
61-
uses: stdlib-js/scaffold-pkg-pr-action@main
61+
# Pin action to full length commit SHA
62+
uses: stdlib-js/scaffold-pkg-pr-action@882ef0cbb70c1fb76135b9620232606686c1cb10 # v0.0.1
6263
with:
6364
OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
6465
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/scaffold_pkg_via_pull_request_assignment.yml

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -149,7 +149,8 @@ jobs:
149149
# Run the command to scaffold a package:
150150
- name: 'Scaffold package'
151151
id: scaffold
152-
uses: stdlib-js/scaffold-pkg-pr-action@main
152+
# Pin action to full length commit SHA
153+
uses: stdlib-js/scaffold-pkg-pr-action@882ef0cbb70c1fb76135b9620232606686c1cb10 # v0.0.1
153154
with:
154155
OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
155156
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -244,7 +245,8 @@ jobs:
244245
# Run the command to scaffold a package:
245246
- name: 'Scaffold package'
246247
id: scaffold
247-
uses: stdlib-js/scaffold-pkg-pr-action@main
248+
# Pin action to full length commit SHA
249+
uses: stdlib-js/scaffold-pkg-pr-action@882ef0cbb70c1fb76135b9620232606686c1cb10 # v0.0.1
248250
with:
249251
OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
250252
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

0 commit comments

Comments
 (0)