From 96654b6cc75d3ee599803d9a5cd69dcb7b61285e Mon Sep 17 00:00:00 2001 From: Jim Daniels Wasswa <104334373+jim-deriv@users.noreply.github.com> Date: Wed, 31 Jan 2024 18:37:16 +0800 Subject: [PATCH] chore: replace versions with SHA (#13248) --- .github/actions/invalidate_npm_cache/action.yml | 2 +- .github/actions/npm_install_from_cache/action.yml | 2 +- .github/actions/setup_node/action.yml | 2 +- .github/workflows/coveralls.yml | 4 ++-- .../workflows/generate_and_push_deriv_api_types.yml | 4 ++-- .github/workflows/generate_app_id.yml | 2 +- .github/workflows/integration-tests.yml | 2 +- .github/workflows/lighthouse.yml | 12 ++++++------ .github/workflows/merge_and_release_to_staging.yml | 4 ++-- .../workflows/push_and_pull_crowdin_translations.yml | 4 ++-- .github/workflows/release_production.yml | 12 ++++++------ .github/workflows/release_staging.yml | 2 +- .github/workflows/release_test.yml | 2 +- .github/workflows/release_uat.yml | 2 +- .github/workflows/smoketests.yml | 6 +++--- .github/workflows/stale.yml | 2 +- .github/workflows/test.yml | 2 +- 17 files changed, 33 insertions(+), 33 deletions(-) diff --git a/.github/actions/invalidate_npm_cache/action.yml b/.github/actions/invalidate_npm_cache/action.yml index 209ed15da3cd..4baa1ac522ff 100644 --- a/.github/actions/invalidate_npm_cache/action.yml +++ b/.github/actions/invalidate_npm_cache/action.yml @@ -5,7 +5,7 @@ runs: steps: - name: save_cache - uses: actions/cache/save@v3 + uses: actions/cache/save@13aacd865c20de90d75de3b17ebe84f7a17d57d2 with: path: |- node_modules diff --git a/.github/actions/npm_install_from_cache/action.yml b/.github/actions/npm_install_from_cache/action.yml index 7e946be95054..a793eb99f115 100644 --- a/.github/actions/npm_install_from_cache/action.yml +++ b/.github/actions/npm_install_from_cache/action.yml @@ -10,7 +10,7 @@ runs: # shell: bash - name: Cache node modules id: cache-nodemodules - uses: actions/cache/restore@v3 + uses: actions/cache/restore@13aacd865c20de90d75de3b17ebe84f7a17d57d2 with: path: |- node_modules diff --git a/.github/actions/setup_node/action.yml b/.github/actions/setup_node/action.yml index 537e921d4d49..ec27acbfda3f 100644 --- a/.github/actions/setup_node/action.yml +++ b/.github/actions/setup_node/action.yml @@ -4,6 +4,6 @@ runs: using: composite steps: - name: Use Node.js 18.x - uses: actions/setup-node@v3 + uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 with: node-version: 18.x diff --git a/.github/workflows/coveralls.yml b/.github/workflows/coveralls.yml index 9f1ba62898f4..0d212094bfdb 100644 --- a/.github/workflows/coveralls.yml +++ b/.github/workflows/coveralls.yml @@ -11,7 +11,7 @@ jobs: runs-on: Runner_8cores_Deriv-app steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Setup Node uses: './.github/actions/setup_node' - name: Install dependencies @@ -21,4 +21,4 @@ jobs: - name: Test run: JEST_MAX_WORKERS=95% npm run test:jest -- --collectCoverage - name: Coveralls - uses: coverallsapp/github-action@v2 + uses: coverallsapp/github-action@3dfc5567390f6fa9267c0ee9c251e4c8c3f18949 diff --git a/.github/workflows/generate_and_push_deriv_api_types.yml b/.github/workflows/generate_and_push_deriv_api_types.yml index 1e230230953a..a0d4b1e2bc06 100644 --- a/.github/workflows/generate_and_push_deriv_api_types.yml +++ b/.github/workflows/generate_and_push_deriv_api_types.yml @@ -11,7 +11,7 @@ jobs: steps: - name: Setup node id: step1 - uses: actions/setup-node@v2 + uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 with: node-version: "18" check-latest: true @@ -60,7 +60,7 @@ jobs: - name: Checkout repo id: step4 - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 with: fetch-depth: 1 ref: master diff --git a/.github/workflows/generate_app_id.yml b/.github/workflows/generate_app_id.yml index 9715f62f937e..b22d32c147b2 100644 --- a/.github/workflows/generate_app_id.yml +++ b/.github/workflows/generate_app_id.yml @@ -35,7 +35,7 @@ jobs: - name: Comment on pull request with App ID and URLs id: sticky_comment_on_pr if: steps.generate_app_id.outputs.should_post_comment - uses: marocchino/sticky-pull-request-comment@v1 + uses: marocchino/sticky-pull-request-comment@efaaab3fd41a9c3de579aba759d2552635e590fd with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} header: deriv-app-id-action diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 4455b3461436..72c50bf4f4e0 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -13,7 +13,7 @@ jobs: environment: Preview steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Setup Node uses: "./.github/actions/setup_node" - name: Install dependencies diff --git a/.github/workflows/lighthouse.yml b/.github/workflows/lighthouse.yml index ce36058ccc52..a32430cdde13 100644 --- a/.github/workflows/lighthouse.yml +++ b/.github/workflows/lighthouse.yml @@ -18,14 +18,14 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout to repo - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 with: fetch-depth: 1 ref: master - name: Add Lighthouse progress comment id: generate_lighthouse_comment - uses: marocchino/sticky-pull-request-comment@v2 + uses: marocchino/sticky-pull-request-comment@efaaab3fd41a9c3de579aba759d2552635e590fd with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} number: ${{github.event.issue.number}} @@ -40,7 +40,7 @@ jobs: preview_url_regexp: \[Visit Preview\]\((.*?.sx)\) - name: Generate Lighthouse report - uses: treosh/lighthouse-ci-action@v9 + uses: treosh/lighthouse-ci-action@03becbfc543944dd6e7534f7ff768abb8a296826 id: lighthouse_report with: temporaryPublicStorage: true @@ -52,7 +52,7 @@ jobs: - name: Retrieve Lighthouse score id: lighthouse_score - uses: actions/github-script@v3 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea with: github-token: ${{secrets.GITHUB_TOKEN}} script: | @@ -78,7 +78,7 @@ jobs: core.setOutput("comment", comment); - name: Post Lighthouse report - uses: marocchino/sticky-pull-request-comment@v2 + uses: marocchino/sticky-pull-request-comment@efaaab3fd41a9c3de579aba759d2552635e590fd with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} header: Lighthouse report @@ -86,7 +86,7 @@ jobs: message: ${{steps.lighthouse_score.outputs.comment}} - name: Clear Lighthouse progress comment - uses: marocchino/sticky-pull-request-comment@v2 + uses: marocchino/sticky-pull-request-comment@efaaab3fd41a9c3de579aba759d2552635e590fd with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} number: ${{github.event.issue.number}} diff --git a/.github/workflows/merge_and_release_to_staging.yml b/.github/workflows/merge_and_release_to_staging.yml index 8675620eb2c0..a1c0f92be5f7 100644 --- a/.github/workflows/merge_and_release_to_staging.yml +++ b/.github/workflows/merge_and_release_to_staging.yml @@ -26,11 +26,11 @@ jobs: timeout-minutes: 600 steps: - name: Checkout to repo - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 with: ref: master - name: Setup node - uses: actions/setup-node@v2 + uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 - name: Wait for logs to accumulate run: | sleep 10 diff --git a/.github/workflows/push_and_pull_crowdin_translations.yml b/.github/workflows/push_and_pull_crowdin_translations.yml index 8ad9e5a0f6f0..ba07537716d8 100644 --- a/.github/workflows/push_and_pull_crowdin_translations.yml +++ b/.github/workflows/push_and_pull_crowdin_translations.yml @@ -23,14 +23,14 @@ jobs: node-version: [18.x] steps: - name: Setup node - uses: actions/setup-node@v2 + uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 with: node-version: ${{ matrix.node-version }} # We checkout the master branch so we can run the translations # script on the latest changes. - name: Checkout master branch - uses: actions/checkout@v2.3.4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Import GPG key id: import-gpg diff --git a/.github/workflows/release_production.yml b/.github/workflows/release_production.yml index df1c8c8c9a91..2bcdf8e94fb3 100644 --- a/.github/workflows/release_production.yml +++ b/.github/workflows/release_production.yml @@ -14,7 +14,7 @@ jobs: RELEASE_VERSION: ${{ steps.extract_version.outputs.RELEASE_VERSION }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Setup Node uses: "./.github/actions/setup_node" - name: Install Dependencies @@ -51,7 +51,7 @@ jobs: CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }} - name: Upload Build Artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 with: name: build path: packages/core/dist @@ -65,9 +65,9 @@ jobs: needs: [build_test_and_publish] steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Conclusion - uses: technote-space/workflow-conclusion-action@v3 + uses: technote-space/workflow-conclusion-action@45ce8e0eb155657ab8ccf346ade734257fd196a5 - name: Create Slack Message id: create_slack_message run: | @@ -89,9 +89,9 @@ jobs: needs: [build_test_and_publish] steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Download Build Artifact - uses: actions/download-artifact@v4 + uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 with: name: build path: packages/core/dist diff --git a/.github/workflows/release_staging.yml b/.github/workflows/release_staging.yml index fc84a82b0010..537ba625fb54 100644 --- a/.github/workflows/release_staging.yml +++ b/.github/workflows/release_staging.yml @@ -11,7 +11,7 @@ jobs: environment: Staging steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Setup Node uses: "./.github/actions/setup_node" - name: Install Dependencies diff --git a/.github/workflows/release_test.yml b/.github/workflows/release_test.yml index aabe5b234724..4c3acd2db6a9 100644 --- a/.github/workflows/release_test.yml +++ b/.github/workflows/release_test.yml @@ -11,7 +11,7 @@ jobs: environment: Staging steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Setup Node uses: "./.github/actions/setup_node" - name: Install Dependencies diff --git a/.github/workflows/release_uat.yml b/.github/workflows/release_uat.yml index d10deac7492e..a0b11c26d140 100644 --- a/.github/workflows/release_uat.yml +++ b/.github/workflows/release_uat.yml @@ -12,7 +12,7 @@ jobs: environment: Staging steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Setup Node uses: "./.github/actions/setup_node" - name: Install Dependencies diff --git a/.github/workflows/smoketests.yml b/.github/workflows/smoketests.yml index b6b4d2111422..2cce88e68074 100644 --- a/.github/workflows/smoketests.yml +++ b/.github/workflows/smoketests.yml @@ -28,13 +28,13 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Checkout external repository with Cypress tests - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 with: repository: deriv-com/e2e-deriv-app - name: Cypress run # Uses the official Cypress GitHub action https://github.com/cypress-io/github-action - uses: cypress-io/github-action@v6 + uses: cypress-io/github-action@1b70233146622b69e789ccdd4f9452adc638d25a with: # Records to Cypress Cloud # https://docs.cypress.io/guides/cloud/projects#Set-up-a-project-to-record @@ -74,7 +74,7 @@ jobs: - name: Leave comment if: always() - uses: marocchino/sticky-pull-request-comment@v2 + uses: marocchino/sticky-pull-request-comment@efaaab3fd41a9c3de579aba759d2552635e590fd with: header: Smoke tests status update number: ${{ github.event.issue.number }} diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 85020f321aa3..4c2cb25561e7 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -12,7 +12,7 @@ jobs: stale: runs-on: ubuntu-latest steps: - - uses: actions/stale@v8 + - uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e with: stale-issue-message: 'This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 5 days.' stale-pr-message: 'This PR is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 5 days.' diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 13f4583c0024..d8efa3787449 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -11,7 +11,7 @@ jobs: environment: Preview steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Setup Node uses: "./.github/actions/setup_node" - name: Install dependencies