diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 3110b29d..867d7308 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -10,13 +10,13 @@ on: push: branches: ["main"] paths-ignore: [ - "**/*.rst", "**/*.txt", "**/.flake8", "**/.gitignore", "**/.*rc", "**/*.cfg", "**/*.toml", "lib/cli_command_parser/__version__.py" + "**/*.rst", "**/*.txt", "**/.md", "**/.gitignore", "**/.*rc", "**/*.cfg", "**/*.toml", ".*.ya?ml", "lib/cli_command_parser/__version__.py" ] pull_request: # The branches below must be a subset of the branches above branches: ["main"] paths-ignore: [ - "**/*.rst", "**/*.txt", "**/.flake8", "**/.gitignore", "**/.*rc", "**/*.cfg", "**/*.toml", "lib/cli_command_parser/__version__.py" + "**/*.rst", "**/*.txt", "**/.md", "**/.gitignore", "**/.*rc", "**/*.cfg", "**/*.toml", ".*.ya?ml", "lib/cli_command_parser/__version__.py" ] schedule: - cron: '29 17 * * 4' @@ -35,10 +35,10 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ matrix.python-version }} @@ -52,7 +52,7 @@ jobs: echo "CODEQL_PYTHON=$(which python)" >> $GITHUB_ENV - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9 with: languages: ${{ matrix.language }} setup-python-dependencies: false @@ -65,4 +65,4 @@ jobs: # queries: security-extended,security-and-quality - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9 diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 3b111658..ab90e5bf 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -13,9 +13,9 @@ jobs: matrix: python-version: ["3.12"] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ matrix.python-version }} - name: Install dependencies @@ -25,7 +25,7 @@ jobs: - name: Generate docs run: python bin/build_docs.py -cu - name: GitHub Pages action - uses: peaceiris/actions-gh-pages@v4 + uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4.0.0 with: github_token: ${{ secrets.GITHUB_TOKEN }} publish_dir: ./docs/ diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 7305c206..729e3d11 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -23,9 +23,9 @@ jobs: sudo apt-get update sudo apt install locales -y sudo locale-gen en_US.UTF-8 fr_FR.UTF-8 ko_KR.UTF-8 - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ matrix.python-version }} - name: Install dependencies @@ -42,7 +42,7 @@ jobs: - name: Generate coverage report run: pytest --cov-branch --cov=./lib/ --cov-report=xml - name: Upload coverage report to Codecov - uses: codecov/codecov-action@v5 + uses: codecov/codecov-action@7f8b4b4bde536c465e797be725718b88c5d95e0e # v5.1.1 with: token: ${{ secrets.CODECOV_TOKEN }} directory: ./coverage/reports/