diff --git a/.github/workflows/bandit.yml b/.github/workflows/bandit.yml index 7d7a336c..445a100f 100644 --- a/.github/workflows/bandit.yml +++ b/.github/workflows/bandit.yml @@ -33,7 +33,7 @@ jobs: python-version: '3.x' allow-prereleases: true - name: Install uv - uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 + uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b with: enable-cache: false - name: Install Just @@ -45,7 +45,7 @@ jobs: - name: Upload analysis results if: ${{ always() }} - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a with: name: bandit-results path: bandit.sarif @@ -53,6 +53,6 @@ jobs: - name: Upload to code-scanning if: ${{ always() }} - uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 + uses: github/codeql-action/upload-sarif@e46ed2cbd01164d986452f91f178727624ae40d7 with: sarif_file: bandit.sarif diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 038c083a..985d25e1 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -65,7 +65,7 @@ jobs: python-version: ${{ matrix.python-version }} allow-prereleases: true - name: Install uv - uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 + uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b with: enable-cache: false - name: Install Just diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 5d60d6ec..38b3e046 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -44,7 +44,7 @@ jobs: with: python-version: "3.14" # for tomlib - name: Install uv - uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 + uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b with: enable-cache: false restore-cache: false @@ -73,7 +73,7 @@ jobs: - name: Build the binary wheel and a source tarball run: just build - name: Store the distribution packages - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a with: name: python-package-distributions path: dist/ @@ -102,7 +102,7 @@ jobs: name: python-package-distributions path: dist/ - name: Publish distribution 📦 to PyPI - uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e + uses: pypa/gh-action-pypi-publish@cef221092ed1bacb1cc03d23a2d87d1d172e277b github-release: name: Publish GitHub Release @@ -171,7 +171,7 @@ jobs: # name: python-package-distributions # path: dist/ # - name: Publish distribution 📦 to TestPyPI - # uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e + # uses: pypa/gh-action-pypi-publish@cef221092ed1bacb1cc03d23a2d87d1d172e277b # with: # repository-url: https://test.pypi.org/legacy/ # skip-existing: true diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index d364a0c7..31409b39 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -51,7 +51,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a with: name: SARIF file path: results.sarif @@ -60,6 +60,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 + uses: github/codeql-action/upload-sarif@e46ed2cbd01164d986452f91f178727624ae40d7 with: sarif_file: results.sarif diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index a0992c5f..95d1915c 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -144,7 +144,7 @@ jobs: psql -h localhost -p 5432 -U postgres -d postgres -c "CREATE DATABASE test1;" psql -h localhost -p 5432 -U postgres -d postgres -c "CREATE DATABASE test2;" - name: Install uv - uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 + uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b with: enable-cache: false - name: Setup Just @@ -163,7 +163,7 @@ jobs: run: | just test-all --group "${{ matrix.psycopg-version }}" -p "$TEST_PYTHON" --group "$TEST_DJANGO_VERSION" - name: Store coverage files - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a with: name: ${{ env.COVERAGE_FILE }} path: ${{ env.COVERAGE_FILE }} @@ -218,7 +218,7 @@ jobs: python-version: ${{ matrix.python-version }} allow-prereleases: true - name: Install uv - uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 + uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b with: enable-cache: false - name: Setup Just @@ -237,7 +237,7 @@ jobs: run: | just test-all -p "$TEST_PYTHON" --group "$TEST_DJANGO_VERSION" - name: Store coverage files - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a with: name: ${{ env.COVERAGE_FILE }} path: ${{ env.COVERAGE_FILE }} @@ -341,7 +341,7 @@ jobs: uses: mxschmitt/action-tmate@c0afd6f790e3a5564914980036ebf83216678101 timeout-minutes: 60 - name: Install uv - uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 + uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b with: enable-cache: false - name: Setup Just @@ -352,7 +352,7 @@ jobs: run: | just test-all --group "${{ matrix.mysqlclient-version }}" -p "$TEST_PYTHON" --group "$TEST_DJANGO_VERSION" - name: Store coverage files - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a with: name: ${{ env.COVERAGE_FILE }} path: ${{ env.COVERAGE_FILE }} @@ -465,7 +465,7 @@ jobs: uses: mxschmitt/action-tmate@c0afd6f790e3a5564914980036ebf83216678101 timeout-minutes: 60 - name: Install uv - uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 + uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b with: enable-cache: false - name: Setup Just @@ -476,7 +476,7 @@ jobs: run: | just test-all --group "${{ matrix.mysqlclient-version }}" -p "$TEST_PYTHON" --group "$TEST_DJANGO_VERSION" - name: Store coverage files - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a with: name: ${{ env.COVERAGE_FILE }} path: ${{ env.COVERAGE_FILE }} @@ -578,7 +578,7 @@ jobs: uses: mxschmitt/action-tmate@c0afd6f790e3a5564914980036ebf83216678101 timeout-minutes: 60 - name: Install uv - uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 + uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b with: enable-cache: false - name: Setup Just @@ -610,7 +610,7 @@ jobs: fi - name: Store coverage files - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a with: name: ${{ env.COVERAGE_FILE }} path: ${{ env.COVERAGE_FILE }} @@ -662,7 +662,7 @@ jobs: python-version: ${{ matrix.python-version }} allow-prereleases: true - name: Install uv - uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 + uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b with: enable-cache: false - name: Setup Just @@ -681,7 +681,7 @@ jobs: just test-all -p "$env:TEST_PYTHON" --group "$env:TEST_DJANGO_VERSION" shell: pwsh - name: Store coverage files - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a with: name: ${{ env.COVERAGE_FILE }} path: ${{ env.COVERAGE_FILE }} @@ -736,7 +736,7 @@ jobs: python-version: ${{ matrix.python-version }} allow-prereleases: true - name: Install uv - uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 + uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b with: enable-cache: false - name: Setup Just @@ -755,7 +755,7 @@ jobs: run: | just test-all -p "$TEST_PYTHON" --group "$TEST_DJANGO_VERSION" - name: Store coverage files - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a with: name: ${{ env.COVERAGE_FILE }} path: ${{ env.COVERAGE_FILE }} @@ -776,7 +776,7 @@ jobs: with: python-version: '3.12' - name: Install uv - uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 + uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b with: enable-cache: false - name: Setup Just diff --git a/.github/workflows/update_coc.yml b/.github/workflows/update_coc.yml index 77d9d950..97a9ed95 100644 --- a/.github/workflows/update_coc.yml +++ b/.github/workflows/update_coc.yml @@ -43,7 +43,7 @@ jobs: # Create a pull request to merge the changes into the main branch - name: Create Pull Request if: steps.check_changes.outputs.changed == 'true' - uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 + uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 with: token: ${{ secrets.GITHUB_TOKEN }} branch: bot-update-coc diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml index 6a179740..b183863d 100644 --- a/.github/workflows/zizmor.yml +++ b/.github/workflows/zizmor.yml @@ -29,7 +29,7 @@ jobs: persist-credentials: false - name: Set up Rust - uses: actions-rust-lang/setup-rust-toolchain@150fca883cd4034361b621bd4e6a9d34e5143606 + uses: actions-rust-lang/setup-rust-toolchain@2b1f5e9b395427c92ee4e3331786ca3c37afe2d7 - name: Install jq run: | sudo apt-get update @@ -43,14 +43,14 @@ jobs: zizmor --format sarif .github/workflows/ > zizmor.sarif - name: Upload analysis results - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a with: name: zizmor-results path: zizmor.sarif retention-days: 7 - name: Upload to code-scanning - uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 + uses: github/codeql-action/upload-sarif@e46ed2cbd01164d986452f91f178727624ae40d7 with: sarif_file: zizmor.sarif