diff --git a/.github/actions/artifact-from-cirrus/action.yaml b/.github/actions/artifact-from-cirrus/action.yaml index aef01bb5fd..2ff671fad9 100644 --- a/.github/actions/artifact-from-cirrus/action.yaml +++ b/.github/actions/artifact-from-cirrus/action.yaml @@ -112,7 +112,7 @@ runs: echo "artifacts=${artifacts}" >> "$GITHUB_OUTPUT" - name: Save artifact to GitHub Actions if: steps.find-task.outputs.task_found - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: ${{ inputs.upload }} path: ${{ steps.download.outputs.artifacts }} diff --git a/.github/actions/cache-on-main/action.yaml b/.github/actions/cache-on-main/action.yaml index 181ab6cfa7..dfac083722 100644 --- a/.github/actions/cache-on-main/action.yaml +++ b/.github/actions/cache-on-main/action.yaml @@ -19,14 +19,14 @@ inputs: runs: using: composite steps: - - uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 + - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 if: ${{ startsWith(github.ref, 'refs/heads/') || (inputs.save-prs && startsWith(github.ref, 'refs/pull/')) }} with: path: ${{ inputs.path }} key: ${{ runner.os }}-${{ inputs.prefix }}-${{ inputs.suffix }} restore-keys: | ${{ runner.os }}-${{ inputs.prefix }}- - - uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 + - uses: actions/cache/restore@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 if: ${{ !startsWith(github.ref, 'refs/heads/') && !(inputs.save-prs && startsWith(github.ref, 'refs/pull/')) }} with: path: ${{ inputs.path }} diff --git a/.github/scripts/arm/docker-env/Dockerfile b/.github/scripts/arm/docker-env/Dockerfile index 35ca715f76..57f1f0bf71 100644 --- a/.github/scripts/arm/docker-env/Dockerfile +++ b/.github/scripts/arm/docker-env/Dockerfile @@ -1,6 +1,6 @@ # PostgREST docker hub image -FROM ubuntu:noble@sha256:dfc10878be8d8fc9c61cbff33166cb1d1fe44391539243703c72766894fa834a AS postgrest +FROM ubuntu:noble@sha256:99c35190e22d294cdace2783ac55effc69d32896daaa265f0bbedbcde4fbe3e5 AS postgrest RUN apt-get update -y \ && apt install -y --no-install-recommends libpq-dev zlib1g-dev jq gcc libnuma-dev \ diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 3ba3ea68a7..2f4500bfc3 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -33,7 +33,7 @@ jobs: name: Nix - Linux static runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup Nix Environment uses: ./.github/actions/setup-nix with: @@ -42,7 +42,7 @@ jobs: - name: Build static executable run: nix-build -A postgrestStatic - name: Save built executable as artifact - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: postgrest-linux-static-x64 path: result/bin/postgrest @@ -51,7 +51,7 @@ jobs: - name: Build Docker image run: nix-build -A docker.image --out-link postgrest-docker.tar.gz - name: Save built Docker image as artifact - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: postgrest-docker-x64 path: postgrest-docker.tar.gz @@ -62,7 +62,7 @@ jobs: name: Nix - MacOS runs-on: macos-12 steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup Nix Environment uses: ./.github/actions/setup-nix with: @@ -118,7 +118,7 @@ jobs: name: Stack - ${{ matrix.name }} runs-on: ${{ matrix.runs-on }} steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: haskell-actions/setup@dd344bc1cec854a369df8814ce17ef337d6e6170 # v2.7.6 with: # This must match the version in stack.yaml's resolver @@ -148,7 +148,7 @@ jobs: run: strip result/postgrest* - name: Save built executable as artifact if: matrix.artifact - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: ${{ matrix.artifact }} path: | @@ -161,7 +161,7 @@ jobs: name: Stack - FreeBSD from CirrusCI runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: ./.github/actions/artifact-from-cirrus with: token: ${{ github.token }} @@ -178,7 +178,7 @@ jobs: name: Cabal - Linux GHC ${{ matrix.ghc }} runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: haskell-actions/setup@dd344bc1cec854a369df8814ce17ef337d6e6170 # v2.7.6 with: ghc-version: ${{ matrix.ghc }} diff --git a/.github/workflows/check.yaml b/.github/workflows/check.yaml index eb705e454e..c07c831e07 100644 --- a/.github/workflows/check.yaml +++ b/.github/workflows/check.yaml @@ -20,7 +20,7 @@ jobs: name: Lint & Style runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup Nix Environment uses: ./.github/actions/setup-nix with: diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index ac7ac4c75e..3aec53d416 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -59,7 +59,7 @@ jobs: GITHUB_COMMIT: ${{ github.sha }} GHC_VERSION: '9.4.8' steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - id: Remote-Dir name: Unique directory name for the remote build run: echo "remotepath=postgrest-build-$(uuidgen)" >> "$GITHUB_OUTPUT" @@ -99,7 +99,7 @@ jobs: - name: Extract downloaded binaries run: tar -xvf result.tar.xz && rm result.tar.xz - name: Save aarch64 executable as artifact - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: postgrest-ubuntu-aarch64 path: result/postgrest @@ -129,7 +129,7 @@ jobs: - build - arm steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ssh-key: ${{ secrets.POSTGREST_SSH_KEY }} - name: Tag latest commit @@ -160,7 +160,7 @@ jobs: - build - arm steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Check the version to be released run: | cabal_version="$(grep -oP '^version:\s*\K.*' postgrest.cabal)" @@ -183,7 +183,7 @@ jobs: echo "Relevant extract from CHANGELOG.md:" cat CHANGES.md - name: Save CHANGES.md as artifact - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: release-changes path: CHANGES.md @@ -199,7 +199,7 @@ jobs: - prepare if: success() || needs.prepare.result == 'success' steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Download all artifacts uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: @@ -226,7 +226,7 @@ jobs: artifacts/postgrest-windows-x64/postgrest.exe - name: Save release bundle - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: release-bundle path: release-bundle @@ -273,7 +273,7 @@ jobs: DOCKER_USER: ${{ vars.DOCKER_USER }} DOCKER_PASS: ${{ secrets.DOCKER_PASS }} steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Download Docker image uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: @@ -303,7 +303,7 @@ jobs: vars.DOCKER_REPO && vars.DOCKER_USER && github.ref == 'refs/tags/devel' steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: peter-evans/dockerhub-description@e98e4d1628a5f3be2be7c231e50981aee98723ae # v4.0.0 with: username: ${{ vars.DOCKER_USER }} @@ -325,7 +325,7 @@ jobs: DOCKER_USER: ${{ vars.DOCKER_USER }} DOCKER_PASS: ${{ secrets.DOCKER_PASS }} steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Publish images for ARM builds on Docker Hub uses: appleboy/ssh-action@master env: @@ -350,7 +350,7 @@ jobs: env: REMOTE_DIR: ${{ needs.arm.outputs.remotepath }} steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Remove uploaded files from server uses: appleboy/ssh-action@master with: diff --git a/.github/workflows/docs.yaml b/.github/workflows/docs.yaml index 661209e543..8920dacc52 100644 --- a/.github/workflows/docs.yaml +++ b/.github/workflows/docs.yaml @@ -27,7 +27,7 @@ jobs: name: Build runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup Nix Environment uses: ./.github/actions/setup-nix with: @@ -41,7 +41,7 @@ jobs: name: Spellcheck runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup Nix Environment uses: ./.github/actions/setup-nix with: @@ -58,7 +58,7 @@ jobs: if: github.base_ref == 'main' runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup Nix Environment uses: ./.github/actions/setup-nix with: diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 339524431b..0df9e049b5 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -39,7 +39,7 @@ jobs: # https://github.com/actions/runner/issues/241#issuecomment-842566950 shell: script -qec "bash --noprofile --norc -eo pipefail {0}" steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup Nix Environment uses: ./.github/actions/setup-nix with: @@ -49,7 +49,7 @@ jobs: - name: Run coverage (IO tests and Spec tests against PostgreSQL 15) run: postgrest-coverage - name: Upload coverage to codecov - uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0 + uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 with: files: ./coverage/codecov.json token: ${{ secrets.CODECOV_TOKEN }} @@ -76,7 +76,7 @@ jobs: # https://github.com/actions/runner/issues/241#issuecomment-842566950 shell: script -qec "bash --noprofile --norc -eo pipefail {0}" steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup Nix Environment uses: ./.github/actions/setup-nix with: @@ -100,7 +100,7 @@ jobs: name: Memory runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup Nix Environment uses: ./.github/actions/setup-nix with: @@ -114,7 +114,7 @@ jobs: name: Loadtest runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - name: Setup Nix Environment @@ -131,7 +131,7 @@ jobs: postgrest-loadtest-against main ${{ steps.get-latest-tag.outputs.tag }} postgrest-loadtest-report > loadtest/loadtest.md - name: Upload report - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: loadtest.md path: loadtest/loadtest.md