diff --git a/.github/workflows/actions-versions-updater.yml b/.github/workflows/actions-versions-updater.yml index 1a54a891f..3bf7aad0f 100644 --- a/.github/workflows/actions-versions-updater.yml +++ b/.github/workflows/actions-versions-updater.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v3.6.0 with: token: ${{ secrets.WORKFLOW_TOKEN }} - name: Run GitHub Actions Version Updater diff --git a/.github/workflows/bump-version.yml b/.github/workflows/bump-version.yml index 82385cabf..575d31f21 100644 --- a/.github/workflows/bump-version.yml +++ b/.github/workflows/bump-version.yml @@ -29,10 +29,10 @@ jobs: name: Bumpversion Patch runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v3.6.0 with: persist-credentials: false - - uses: actions/setup-python@v4 + - uses: actions/setup-python@v4.7.0 with: python-version: "3.x" - name: Config Commit Bot @@ -50,7 +50,7 @@ jobs: NEW_VERSION="$(grep -E '__version__' xclim/__init__.py | cut -d ' ' -f3)" echo "new_version=${NEW_VERSION}" - name: Push Changes - uses: ad-m/github-push-action@master + uses: ad-m/github-push-action@v0.6.0 with: force: false github_token: ${{ secrets.BUMPVERSION_TOKEN }} diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index d3c7157bc..e58335449 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -35,13 +35,13 @@ jobs: - 'python' steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v3.6.0 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@codeql-bundle-20230524 with: languages: ${{ matrix.language }} - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@codeql-bundle-20230524 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@codeql-bundle-20230524 diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 6a5426a80..64398fa73 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -16,6 +16,6 @@ jobs: runs-on: ubuntu-latest steps: - name: 'Checkout Repository' - uses: actions/checkout@v3 + uses: actions/checkout@v3.6.0 - name: 'Dependency Review' - uses: actions/dependency-review-action@v3 + uses: actions/dependency-review-action@v3.0.8 diff --git a/.github/workflows/first_pull_request.yml b/.github/workflows/first_pull_request.yml index d7125e785..1956b8b26 100644 --- a/.github/workflows/first_pull_request.yml +++ b/.github/workflows/first_pull_request.yml @@ -10,7 +10,7 @@ jobs: name: Welcome runs-on: ubuntu-latest steps: - - uses: actions/github-script@v6 + - uses: actions/github-script@v6.4.1 with: script: | // Get a list of all issues created by the PR opener diff --git a/.github/workflows/label.yml b/.github/workflows/label.yml index 31aa79f68..6060fe1c1 100644 --- a/.github/workflows/label.yml +++ b/.github/workflows/label.yml @@ -20,6 +20,6 @@ jobs: label: runs-on: ubuntu-latest steps: - - uses: actions/labeler@v4 + - uses: actions/labeler@v4.3.0 with: repo-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/label_on_approval.yml b/.github/workflows/label_on_approval.yml index 912b748ce..38b9f8a78 100644 --- a/.github/workflows/label_on_approval.yml +++ b/.github/workflows/label_on_approval.yml @@ -11,7 +11,7 @@ jobs: if: github.event.review.state == 'approved' runs-on: ubuntu-latest steps: - - uses: actions/github-script@v6 + - uses: actions/github-script@v6.4.1 with: script: | github.rest.issues.addLabels({ diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index f4094dac7..782beaf08 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -39,9 +39,9 @@ jobs: uses: styfle/cancel-workflow-action@0.11.0 with: access_token: ${{ github.token }} - - uses: actions/checkout@v3 + - uses: actions/checkout@v3.6.0 - name: Set up Python${{ matrix.python-version }} - uses: actions/setup-python@v4 + uses: actions/setup-python@v4.7.0 with: python-version: ${{ matrix.python-version }} - name: Install pylint and tox @@ -63,9 +63,9 @@ jobs: - tox-env: "py39" python-version: "3.9" steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v3.6.0 - name: Set up Python${{ matrix.python-version }} - uses: actions/setup-python@v4 + uses: actions/setup-python@v4.7.0 with: python-version: ${{ matrix.python-version }} - name: Install tox @@ -95,14 +95,14 @@ jobs: - tox-env: py311-coverage-sbck python-version: "3.11" steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v3.6.0 - name: Install Eigen3 if: contains(matrix.tox-env, 'sbck') run: | sudo apt-get update sudo apt-get install libeigen3-dev - name: Set up Python${{ matrix.python-version }} - uses: actions/setup-python@v4 + uses: actions/setup-python@v4.7.0 with: python-version: ${{ matrix.python-version }} - name: Install tox @@ -132,9 +132,9 @@ jobs: run: shell: bash -l {0} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v3.6.0 - name: Setup Conda (Micromamba) with Python${{ matrix.python-version }} - uses: mamba-org/setup-micromamba@v1 + uses: mamba-org/setup-micromamba@v1.4.3 with: cache-downloads: true cache-environment: true diff --git a/.github/workflows/publish-pypi.yml b/.github/workflows/publish-pypi.yml index 00d968e45..af9412a52 100644 --- a/.github/workflows/publish-pypi.yml +++ b/.github/workflows/publish-pypi.yml @@ -10,9 +10,9 @@ jobs: name: Build and publish Python 🐍 distributions 📦 to PyPI runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v3.6.0 - name: Set up Python3 - uses: actions/setup-python@v4 + uses: actions/setup-python@v4.7.0 with: python-version: "3.x" - name: Install packaging libraries @@ -20,7 +20,7 @@ jobs: - name: Build a binary wheel and a source tarball run: flit build - name: Publish distribution 📦 to PyPI - uses: pypa/gh-action-pypi-publish@release/v1 + uses: pypa/gh-action-pypi-publish@v1.8.10 with: user: __token__ password: ${{ secrets.PYPI_API_TOKEN }} diff --git a/.github/workflows/tag-testpypi.yml b/.github/workflows/tag-testpypi.yml index dc3fdcf24..0f7279aa7 100644 --- a/.github/workflows/tag-testpypi.yml +++ b/.github/workflows/tag-testpypi.yml @@ -10,9 +10,9 @@ jobs: name: Build and publish Python 🐍 distributions 📦 to TestPyPI runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v3.6.0 - name: Set up Python3 - uses: actions/setup-python@v4 + uses: actions/setup-python@v4.7.0 with: python-version: "3.x" - name: Install packaging libraries @@ -20,7 +20,7 @@ jobs: - name: Build a binary wheel and a source tarball run: flit build - name: Publish distribution 📦 to Test PyPI - uses: pypa/gh-action-pypi-publish@release/v1 + uses: pypa/gh-action-pypi-publish@v1.8.10 with: user: __token__ password: ${{ secrets.TEST_PYPI_API_TOKEN }} diff --git a/.github/workflows/testdata_version.yml b/.github/workflows/testdata_version.yml index 88cc41108..379b091ed 100644 --- a/.github/workflows/testdata_version.yml +++ b/.github/workflows/testdata_version.yml @@ -14,7 +14,7 @@ jobs: name: Check Latest xclim-testdata Tag runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v3.6.0 - name: Find xclim-testdata Tag and CI Testing Branch run: | XCLIM_TESTDATA_TAG="$( \ @@ -30,7 +30,7 @@ jobs: echo "Latest xclim-testdata tag: ${{ env.XCLIM_TESTDATA_TAG }}" echo "Tag for xclim-testdata in CI: ${{ env.XCLIM_TESTDATA_BRANCH }}" - name: Find Comment - uses: peter-evans/find-comment@v2 + uses: peter-evans/find-comment@v2.4.0 id: fc with: issue-number: ${{ github.event.pull_request.number }} @@ -38,13 +38,13 @@ jobs: body-includes: It appears that this PR modifies the `XCLIM_TESTDATA_BRANCH` environment variable - name: Compare Versions if: ${{( env.XCLIM_TESTDATA_TAG != env.XCLIM_TESTDATA_BRANCH )}} - uses: actions/github-script@v6 + uses: actions/github-script@v6.4.1 with: script: | core.setFailed('Configured `xclim-testdata` tag is not `latest`.') - name: Update Failure Comment if: ${{ failure() }} - uses: peter-evans/create-or-update-comment@v2 + uses: peter-evans/create-or-update-comment@v3.0.2 with: comment-id: ${{ steps.fc.outputs.comment-id }} issue-number: ${{ github.event.pull_request.number }} @@ -58,7 +58,7 @@ jobs: edit-mode: replace - name: Update Success Comment if: ${{ success() }} - uses: peter-evans/create-or-update-comment@v2 + uses: peter-evans/create-or-update-comment@v3.0.2 with: comment-id: ${{ steps.fc.outputs.comment-id }} issue-number: ${{ github.event.pull_request.number }} diff --git a/.github/workflows/upstream.yml b/.github/workflows/upstream.yml index e95d64801..8b8d77c6e 100644 --- a/.github/workflows/upstream.yml +++ b/.github/workflows/upstream.yml @@ -34,11 +34,11 @@ jobs: run: shell: bash -l {0} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v3.6.0 with: fetch-depth: 0 # Fetch all history for all branches and tags. - name: Setup Conda (Micromamba) with Python${{ matrix.python-version }} - uses: mamba-org/setup-micromamba@v1 + uses: mamba-org/setup-micromamba@v1.4.3 with: cache-downloads: true cache-environment: true @@ -76,6 +76,6 @@ jobs: && steps.status.outcome == 'failure' && github.event_name == 'schedule' && github.repository_owner == 'Ouranosinc' - uses: xarray-contrib/issue-from-pytest-log@v1 + uses: xarray-contrib/issue-from-pytest-log@v1.2.6 with: log-path: output-${{ matrix.python-version }}-log.jsonl