From 365a922ae86a54158921cbf74b9d725950c757cf Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 7 Mar 2025 19:30:52 +0000 Subject: [PATCH] Pin dependencies --- .github/workflows/codeql.yml | 10 +++++----- .github/workflows/gradle.yml | 20 ++++++++++---------- .github/workflows/groovy-joint-workflow.yml | 16 ++++++++-------- .github/workflows/pre-release.yml | 6 +++--- .github/workflows/release-notes.yml | 2 +- .github/workflows/release.yml | 12 ++++++------ .github/workflows/retry-release.yml | 4 ++-- .github/workflows/sdkman.yml | 6 +++--- 8 files changed, 38 insertions(+), 38 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index db4c4598843..60f3edb9c32 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -38,15 +38,15 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: "☕ī¸ Setup JDK" - uses: actions/setup-java@v4 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4 with: distribution: liberica java-version: 17 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -57,7 +57,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v3 + uses: github/codeql-action/autobuild@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -71,4 +71,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3 diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml index 2e0fa88144f..f2f2b7acedf 100644 --- a/.github/workflows/gradle.yml +++ b/.github/workflows/gradle.yml @@ -18,7 +18,7 @@ jobs: contents: read steps: - name: "đŸ“Ĩ Checkout repository" - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: "🔍 Check if we should skip publish" id: check_prevent_property run: | @@ -40,14 +40,14 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: "đŸ“Ĩ Checkout repository" - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: "☕ī¸ Setup JDK" - uses: actions/setup-java@v4 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4 with: distribution: liberica java-version: ${{ matrix.java }} - name: "🐘 Setup Gradle" - uses: gradle/actions/setup-gradle@v4 + uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4 with: develocity-access-key: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - name: "🔨 Build project" @@ -68,14 +68,14 @@ jobs: runs-on: ubuntu-latest steps: - name: "đŸ“Ĩ Checkout repository" - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: "☕ī¸ Setup JDK" - uses: actions/setup-java@v4 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4 with: distribution: liberica java-version: ${{ matrix.java }} - name: "🐘 Setup Gradle" - uses: gradle/actions/setup-gradle@v4 + uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4 with: develocity-access-key: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - name: "🔨 Functional Tests" @@ -91,14 +91,14 @@ jobs: runs-on: ubuntu-latest steps: - name: "đŸ“Ĩ Checkout repository" - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: "☕ī¸ Setup JDK" - uses: actions/setup-java@v4 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4 with: distribution: liberica java-version: 17 - name: "🐘 Setup Gradle" - uses: gradle/actions/setup-gradle@v4 + uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4 with: develocity-access-key: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - name: "📤 Publish Snapshot Artifacts to Artifactory (repo.grails.org/libs-snapshot-local)" diff --git a/.github/workflows/groovy-joint-workflow.yml b/.github/workflows/groovy-joint-workflow.yml index 8b97a2adb01..31c897d8cfc 100644 --- a/.github/workflows/groovy-joint-workflow.yml +++ b/.github/workflows/groovy-joint-workflow.yml @@ -16,17 +16,17 @@ jobs: groovyVersion: ${{ steps.groovy-version.outputs.value }} steps: - name: "☕ī¸ Setup JDK" - uses: actions/setup-java@v4 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4 with: distribution: liberica java-version: 17 - name: "🗄ī¸ Cache local Maven repository" - uses: actions/cache@v4 + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 with: path: ~/.m2/repository key: cache-local-maven-${{ github.sha }} - name: "đŸ“Ĩ Checkout Grails Core to fetch Gradle Plugin versions it uses" - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: sparse-checkout-cone-mode: false sparse-checkout: settings.gradle @@ -43,7 +43,7 @@ jobs: - name: "đŸ“Ĩ Checkout Groovy 4_0_X (Grails 7 and later)" run: git clone --depth 1 https://github.com/apache/groovy.git -b GROOVY_4_0_X --single-branch - name: "🐘 Setup Gradle" - uses: gradle/actions/setup-gradle@v4 + uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4 with: develocity-access-key: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - name: "📝 Store Groovy version to use when building Grails" @@ -117,18 +117,18 @@ jobs: runs-on: ubuntu-latest steps: - name: "đŸ“Ĩ Checkout project" - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: "☕ī¸ Setup JDK" - uses: actions/setup-java@v4 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4 with: distribution: liberica java-version: 17 - name: "🐘 Setup Gradle" - uses: gradle/actions/setup-gradle@v4 + uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4 with: develocity-access-key: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - name: "🗄ī¸ Restore local Maven repository from cache" - uses: actions/cache@v4 + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 with: path: ~/.m2/repository key: cache-local-maven-${{ github.sha }} diff --git a/.github/workflows/pre-release.yml b/.github/workflows/pre-release.yml index 5e8aee97291..79fdd9dc03d 100644 --- a/.github/workflows/pre-release.yml +++ b/.github/workflows/pre-release.yml @@ -416,7 +416,7 @@ jobs: -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/${{ github.repository_owner }}/packages/maven/org.grails.grails-testing-support || true - name: "đŸ“Ĩ Checkout repository" - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: "🛑 Set Prevent Snapshot Publishing Flag" if: ${{ github.event.inputs.preventSnapshots }} run: | @@ -434,12 +434,12 @@ jobs: echo "Publishing already disabled." fi - name: "☕ī¸ Setup JDK" - uses: actions/setup-java@v4 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4 with: distribution: 'liberica' java-version: '17' - name: "🐘 Setup Gradle" - uses: gradle/actions/setup-gradle@v4 + uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4 with: develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }} - name: "⚙ Set version to ${{ github.event.inputs.targetVersion }}" diff --git a/.github/workflows/release-notes.yml b/.github/workflows/release-notes.yml index f40a82c4567..ab493361b7a 100644 --- a/.github/workflows/release-notes.yml +++ b/.github/workflows/release-notes.yml @@ -19,6 +19,6 @@ jobs: runs-on: ubuntu-latest steps: - name: "📝 Update Release Draft" - uses: release-drafter/release-drafter@v6 + uses: release-drafter/release-drafter@b1476f6e6eb133afa41ed8589daba6dc69b4d3f5 # v6 env: GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d752cf4fdce..e241704cac6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -410,7 +410,7 @@ jobs: -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/${{ github.repository_owner }}/packages/maven/org.grails.grails-testing-support - name: "đŸ“Ĩ Checkout repository" - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: "⎌ Revert Prevent Snapshot Publishing Flag" run: | sed -i "s/^preventSnapshotPublish.*$/preventSnapshotPublish\=false/" gradle.properties @@ -426,12 +426,12 @@ jobs: echo "Publishing already enabled." fi - name: "☕ī¸ Setup JDK" - uses: actions/setup-java@v4 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4 with: distribution: liberica java-version: 17 - name: "🐘 Setup Gradle" - uses: gradle/actions/setup-gradle@v4 + uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4 with: develocity-access-key: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - name: "📝 Store the target branch" @@ -498,17 +498,17 @@ jobs: contents: read # limit to read access steps: - name: "đŸ“Ĩ Checkout repository" - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: token: ${{ secrets.GH_TOKEN }} ref: v${{ needs.publish.outputs.release_version }} - name: "☕ī¸ Setup JDK" - uses: actions/setup-java@v4 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4 with: distribution: liberica java-version: 17 - name: "🐘 Setup Gradle" - uses: gradle/actions/setup-gradle@v4 + uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4 with: develocity-access-key: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - name: "đŸšĒ Nexus Staging Close And Release" diff --git a/.github/workflows/retry-release.yml b/.github/workflows/retry-release.yml index 9988e1b4bdb..2bb4b980508 100644 --- a/.github/workflows/retry-release.yml +++ b/.github/workflows/retry-release.yml @@ -20,7 +20,7 @@ jobs: GIT_USER_EMAIL: 'grails-build@users.noreply.github.com' steps: - name: "đŸ“Ĩ Checkout repository" - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: ref: "v${{ github.event.inputs.release }}" token: ${{ secrets.GH_TOKEN }} @@ -30,7 +30,7 @@ jobs: distribution: liberica java-version: 17 - name: "🐘 Setup Gradle" - uses: gradle/actions/setup-gradle@v4 + uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4 with: develocity-access-key: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - name: "📝 Store the target branch" diff --git a/.github/workflows/sdkman.yml b/.github/workflows/sdkman.yml index 013bd36160c..7ed1f4896ed 100644 --- a/.github/workflows/sdkman.yml +++ b/.github/workflows/sdkman.yml @@ -12,17 +12,17 @@ jobs: contents: read steps: - name: "đŸ“Ĩ Checkout repository" - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: token: ${{ secrets.GH_TOKEN }} ref: v${{ github.event.inputs.version }} - name: "☕ī¸ Setup JDK" - uses: actions/setup-java@v4 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4 with: distribution: liberica java-version: 17 - name: "🐘 Setup Gradle" - uses: gradle/actions/setup-gradle@v4 + uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4 with: develocity-access-key: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - name: "🏆 Grails SDK Minor Release"