chore(deps): pin dependencies
renovate[bot] authored and thypon committed Sep 13, 2023
1 parent ab53fc2 commit be14e4a
Showing 5 changed files with 22 additions and 22 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/check-new-repos.yml
@@ -13,7 +13,7 @@ jobs:
steps:
- name: Check New Repos
id: check-new-repos
uses: actions/github-script@v6
uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6
with:
github-token: ${{ secrets.GH_PAT }}
script: |
@@ -53,7 +53,7 @@ jobs:
}
return message;
- uses: actions-ecosystem/action-slack-notifier@v1
- uses: actions-ecosystem/action-slack-notifier@fc778468d09c43a6f4d1b8cccaca59766656996a # v1
if: ${{ fromJson(steps.check-new-repos.outputs.result) != '' }}
with:
slack_token: ${{ secrets.HOTSPOTS_SLACK_TOKEN }}
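Review bot: The trailing comments on the pinned `uses:` lines record only the floating major tag (`# v6`, `# v1`), so the file does not say which release each commit hash corresponds to; the same applies to the pins in full-loop.yml, loop.yml, semgrep-self-test.yml and action.yml. Because these two steps receive `secrets.GH_PAT` and `secrets.HOTSPOTS_SLACK_TOKEN`, it is worth confirming before merge that each hash is the commit the named tag pointed to in the upstream repository. Recording the exact release in the comment would make that auditable, for example `uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6.x.y` with the real version filled in. Both hunks start and end inside the job's step list, so the rest of the workflow is not visible here.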
2 changes: 1 addition & 1 deletion .github/workflows/full-loop.yml
@@ -13,7 +13,7 @@ jobs:
name: full-loop
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
with:
fetch-depth: 0
- uses: ./
2 changes: 1 addition & 1 deletion .github/workflows/loop.yml
@@ -19,7 +19,7 @@ jobs:
matrix:
language: [ 'generic', 'javascript', '' ]
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
with:
fetch-depth: 0
- run: |
2 changes: 1 addition & 1 deletion .github/workflows/semgrep-self-test.yml
@@ -14,7 +14,7 @@ jobs:
name: semgrep-self-test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
- run: |
python3 -m pip --disable-pip-version-check install -r requirements.txt
shell: bash
34 changes: 17 additions & 17 deletions action.yml
@@ -122,7 +122,7 @@ runs:
printf '${{ steps.changed-files.outputs.any_changed }}'
- id: comments-before
if: ${{ steps.reviewdog-enabled-pr.outputs.result == 'true' }}
uses: actions/github-script@v6
uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6
with:
script: |
var query = `query($owner:String!, $name:String!, $prnumber:Int!) {
@@ -190,12 +190,12 @@ runs:
- if: ${{ steps.reviewdog-enabled.outputs.result == 'true' }}
name: Cache pip cache
id: cache-pip
uses: actions/cache@v3
uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3
with:
path: ~/.cache/pip/
key: ${{ runner.os }}-pip
- if: ${{ steps.reviewdog-enabled.outputs.result == 'true' }}
uses: reviewdog/action-setup@v1
uses: reviewdog/action-setup@80a06617492b461a66508e2dedf16233f0506804 # v1
with:
reviewdog_version: latest # Optional. [latest,nightly,v.X.Y.Z]
- if: ${{ steps.reviewdog-enabled.outputs.result == 'true' }}
@@ -220,7 +220,7 @@ runs:
version: 1.0
- if: ${{ steps.reviewdog-enabled.outputs.result == 'true' }}
name: Install tfsec
uses: jaxxstorm/action-install-gh-release@v1.10.0
uses: jaxxstorm/action-install-gh-release@c5ead9a448b4660cf1e7866ee22e4dc56538031a # v1.10.0
with: # Grab a specific tag with caching
repo: aquasecurity/tfsec
tag: v1.28.1
@@ -251,7 +251,7 @@ runs:

- id: comments-after
if: ${{ steps.reviewdog-enabled-pr.outputs.result == 'true' }}
uses: actions/github-script@v6
uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6
with:
script: |
var query = `query($owner:String!, $name:String!, $prnumber:Int!) {
@@ -293,7 +293,7 @@ runs:
- id: assignees-after
if: ${{ steps.reviewdog-enabled-pr.outputs.result == 'true' }}
uses: actions/github-script@v6
uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6
env:
ASSIGNEES: ${{ inputs.assignees }}
with:
@@ -345,7 +345,7 @@ runs:
- id: assignee-removed-label
if: ${{ steps.reviewdog-enabled-pr.outputs.result == 'true' }}
uses: actions/github-script@v6
uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6
env:
ASSIGNEES: ${{ steps.assignees-after.outputs.result && fromJson(steps.assignees-after.outputs.result) }}
with:
@@ -390,7 +390,7 @@ runs:
- id: description-contains-hotwords
if: ${{ steps.reviewdog-enabled-pr.outputs.result == 'true' && github.actor != 'renovate[bot]' }}
uses: actions/github-script@v6
uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6
env:
HOTWORDS: ${{ inputs.hotwords }}
with:
@@ -427,12 +427,12 @@ runs:
run: |
set -x
echo "result=true" >> $GITHUB_OUTPUT
- uses: actions-ecosystem/action-add-labels@v1
- uses: actions-ecosystem/action-add-labels@18f1af5e3544586314bbe15c0273249c770b2daf # v1
if: ${{ steps.reviewdog-enabled-pr.outputs.result == 'true' && steps.should-trigger.outputs.result == 'true' }}
with:
github_token: ${{ inputs.github_token }}
labels: needs-security-review
- uses: actions-ecosystem/action-add-assignees@v1
- uses: actions-ecosystem/action-add-assignees@ce5019e63cc4f35aba27308dc88d19c8f3686747 # v1
if: ${{ steps.reviewdog-enabled-pr.outputs.result == 'true' && steps.should-trigger.outputs.result == 'true' }}
with:
github_token: ${{ inputs.github_token }}
@@ -449,7 +449,7 @@ runs:
run: exit 1
- if: ${{ steps.reviewdog-enabled-pr.outputs.result == 'true' && inputs.slack_token && hashFiles('reviewdog.fail.log') }}
id: reviewdog-fail-log-head
uses: actions/github-script@v6
uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6
with:
script: |
return '\n'+require('fs').readFileSync('reviewdog.fail.log', 'UTF-8').split('\n').slice(0, 4).join('\n')
@@ -459,7 +459,7 @@ runs:
ASSIGNEES: ${{steps.assignees-after.outputs.result && fromJson(steps.assignees-after.outputs.result)}}
run: echo "result=$(echo "$ASSIGNEES" | sed 's|\([^ ]\)|@\1|' | tr -s '\n' ' ')" >> $GITHUB_OUTPUT
shell: bash
- uses: actions-ecosystem/action-slack-notifier@v1
- uses: actions-ecosystem/action-slack-notifier@fc778468d09c43a6f4d1b8cccaca59766656996a # v1
if: ${{ steps.reviewdog-enabled-pr.outputs.result == 'true' && inputs.slack_token && hashFiles('reviewdog.fail.log') }}
with:
slack_token: ${{ inputs.slack_token }}
@@ -468,7 +468,7 @@ runs:
channel: secops-hotspots
color: red
verbose: true
- uses: actions-ecosystem/action-slack-notifier@v1
- uses: actions-ecosystem/action-slack-notifier@fc778468d09c43a6f4d1b8cccaca59766656996a # v1
if: ${{ steps.reviewdog-enabled-pr.outputs.result == 'true' && inputs.slack_token && steps.should-trigger.outputs.result == 'true' }}
with:
slack_token: ${{ inputs.slack_token }}
@@ -480,21 +480,21 @@ runs:
# CodeQL Steps
- if: ${{ steps.codeql-enabled.outputs.result == 'true' && hashFiles(inputs.codeql_config) }}
name: Initialize CodeQL
uses: github/codeql-action/init@v2
uses: github/codeql-action/init@701f152f28d4350ad289a5e31435e9ab6169a7ca # v2
with:
languages: ${{ matrix.language }}
config-file: ${{ inputs.codeql_config }}
- if: ${{ steps.codeql-enabled.outputs.result == 'true' && !hashFiles(inputs.codeql_config)}}
name: Initialize CodeQL (without config)
uses: github/codeql-action/init@v2
uses: github/codeql-action/init@701f152f28d4350ad289a5e31435e9ab6169a7ca # v2
with:
languages: ${{ matrix.language }}
- if: ${{ steps.codeql-enabled.outputs.result == 'true' }}
name: Autobuild
uses: github/codeql-action/autobuild@v2
uses: github/codeql-action/autobuild@701f152f28d4350ad289a5e31435e9ab6169a7ca # v2
- if: ${{ steps.codeql-enabled.outputs.result == 'true' }}
name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
uses: github/codeql-action/analyze@701f152f28d4350ad289a5e31435e9ab6169a7ca # v2
# - run: echo ${{ inputs.in-name }}
# shell: bash
# - id: output-step-id
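Review bot: The `reviewdog/action-setup` step in the `-190,12` hunk still passes `reviewdog_version: latest`, so the pinned action downloads whichever reviewdog release is current at run time and the binary itself stays unpinned. Setting an exact release there, `reviewdog_version: vX.Y.Z` (placeholder; fill in the audited version), would bring the tool under the same control as the action that installs it. The composite action's step list extends beyond the hunks shown, so other downloads that are not visible here may need the same treatment.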
