Skip to content

Commit 81ec8fe

Browse files
savannahostrowskisavannahostrowski
authored
πŸ“Œ Add dependabot.yml and pin SHAs for GHAs (#76)
1 parent a0a4313 commit 81ec8fe

File tree

5 files changed

+23
-7
lines changed

5 files changed

+23
-7
lines changed

β€Ž.github/dependabot.ymlβ€Ž

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
version: 2
2+
updates:
3+
# GitHub Actions
4+
- package-ecosystem: "github-actions"
5+
directory: "/"
6+
schedule:
7+
interval: "daily"
8+
commit-message:
9+
prefix: ⬆
10+
# Node.js
11+
- package-ecosystem: "npm"
12+
directory: "/"
13+
schedule:
14+
interval: "daily"
15+
commit-message:
16+
prefix: ⬆

β€Ž.github/workflows/ci.ymlβ€Ž

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -10,8 +10,8 @@ jobs:
1010
ci:
1111
runs-on: ubuntu-latest
1212
steps:
13-
- uses: actions/checkout@v4
14-
- uses: oven-sh/setup-bun@v2
13+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
14+
- uses: oven-sh/setup-bun@3d267786b128fe76c2f16a390aa2448b815359f3 # v2.1.2
1515
with:
1616
cache: bun
1717
- run: bun ci

β€Ž.github/workflows/labeler.ymlβ€Ž

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ jobs:
1616
pull-requests: write
1717
runs-on: ubuntu-latest
1818
steps:
19-
- uses: actions/labeler@v6
19+
- uses: actions/labeler@634933edcd8ababfe52f92936142cc22ac488b1b # v6.0.1
2020
if: ${{ github.event.action != 'labeled' && github.event.action != 'unlabeled' }}
2121
- run: echo "Done adding labels"
2222
# Run this after labeler applied labels

β€Ž.github/workflows/latest-changes.ymlβ€Ž

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -22,11 +22,11 @@ jobs:
2222
env:
2323
GITHUB_CONTEXT: ${{ toJson(github) }}
2424
run: echo "$GITHUB_CONTEXT"
25-
- uses: actions/checkout@v6
25+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
2626
with:
2727
# To allow latest-changes to commit to the main branch
2828
token: ${{ secrets.FASTAPI_VSCODE_LATEST_CHANGES }}
29-
- uses: tiangolo/latest-changes@0.4.1
29+
- uses: tiangolo/latest-changes@c9d329cb147f0ddf4fb631214e3f838ff17ccbbd # 0.4.1
3030
with:
3131
token: ${{ secrets.GITHUB_TOKEN }}
3232
latest_changes_file: release-notes.md

β€Ž.github/workflows/publish.ymlβ€Ž

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,8 +8,8 @@ jobs:
88
publish:
99
runs-on: ubuntu-latest
1010
steps:
11-
- uses: actions/checkout@v4
12-
- uses: oven-sh/setup-bun@v2
11+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
12+
- uses: oven-sh/setup-bun@3d267786b128fe76c2f16a390aa2448b815359f3 # v2.1.2
1313
- run: bun install
1414
- run: bun run package
1515
- name: Publish to VS Code Marketplace

0 commit comments

Comments
Β (0)