diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index f64a609e..d9188ef3 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -7,7 +7,6 @@ on: workflow_dispatch: concurrency: - # yamllint disable-line rule:line-length group: style-${{github.ref}}-${{github.event.pull_request.number || github.run_number}} cancel-in-progress: true @@ -15,6 +14,8 @@ jobs: pre-commit: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: actions/setup-python@v5 - - uses: pre-commit/action@v3.0.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5 + - uses: pre-commit/action@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd # v3.0.1 diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index a6055b1d..3650d2a3 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -1,5 +1,4 @@ --- -# yamllint disable rule:line-length name: run bamboo # yamllint disable-line rule:truthy @@ -37,7 +36,9 @@ jobs: build-type: sstmainline_config_core_make_dist_test runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false - name: install system-level dependencies (macOS) run: | brew install \ @@ -68,7 +69,7 @@ jobs: # echo "source /usr/share/lmod/lmod/init/bash" >> ~/.bashrc if: matrix.os == 'ubuntu-24.04' - name: ccache - uses: hendrikmuhs/ccache-action@v1.2 + uses: hendrikmuhs/ccache-action@ed74d11c0b343532753ecead8a951bb09bb34bc9 # v1.2 with: create-symlink: true key: ${{ matrix.os }}-${{ matrix.build-type }} @@ -102,10 +103,9 @@ jobs: cd "${SST_DEPS_USER_DIR}/devel/trunk" ../sqe/buildsys/bamboo.sh ${{ matrix.build-type }} none none none none none ccache -s -vv - - uses: actions/upload-artifact@v4 + - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4 with: name: test-output-${{ matrix.os }}-${{ matrix.build-type }} path: sst_test_outputs compression-level: 9 if: '!cancelled()' -# yamllint enable rule:line-length diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 9137ec50..d63a917f 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -6,7 +6,7 @@ repos: - id: check-hooks-apply - id: check-useless-excludes - repo: https://github.com/pre-commit/pre-commit-hooks - rev: "v4.6.0" + rev: "v5.0.0" hooks: - id: check-added-large-files - id: check-case-conflict @@ -58,6 +58,11 @@ repos: test/utilities/TimeoutEx.sh ) - repo: https://github.com/Mateusz-Grzelinski/actionlint-py - rev: "v1.7.1.15" + rev: "v1.7.4.20" hooks: - id: actionlint + - repo: https://github.com/woodruffw/zizmor-pre-commit + rev: v0.8.0 + hooks: + - id: zizmor + args: [--persona=pedantic] diff --git a/.yamllint.yml b/.yamllint.yml new file mode 100644 index 00000000..8ecafdb0 --- /dev/null +++ b/.yamllint.yml @@ -0,0 +1,6 @@ +--- +extends: default + +rules: + line-length: + max: 100