From acdf2c8147b82798b39a23ef1f39fddf3c8de1b7 Mon Sep 17 00:00:00 2001 From: Andy Scherzinger Date: Sun, 1 Feb 2026 14:22:36 +0100 Subject: [PATCH] ci: Pin actions Signed-off-by: Andy Scherzinger --- .github/workflows/dependabot-approve-merge.yml | 2 +- .github/workflows/files-external-ftp.yml | 2 +- .github/workflows/files-external-s3.yml | 4 ++-- .github/workflows/files-external-sftp.yml | 2 +- .github/workflows/files-external.yml | 2 +- .github/workflows/integration-dav.yml | 2 +- .github/workflows/object-storage-azure.yml | 2 +- .github/workflows/object-storage-s3.yml | 2 +- .github/workflows/object-storage-swift.yml | 2 +- .github/workflows/performance.yml | 4 ++-- .github/workflows/phpunit-mariadb.yml | 2 +- .github/workflows/phpunit-memcached.yml | 2 +- .github/workflows/phpunit-mysql.yml | 2 +- .github/workflows/phpunit-nodb.yml | 2 +- .github/workflows/phpunit-oci.yml | 2 +- .github/workflows/phpunit-pgsql.yml | 2 +- .github/workflows/phpunit-sqlite.yml | 2 +- .github/workflows/stale.yml | 2 +- .github/workflows/static-code-analysis.yml | 4 ++-- 19 files changed, 22 insertions(+), 22 deletions(-) diff --git a/.github/workflows/dependabot-approve-merge.yml b/.github/workflows/dependabot-approve-merge.yml index 00b019613f5..d5e44e537c9 100644 --- a/.github/workflows/dependabot-approve-merge.yml +++ b/.github/workflows/dependabot-approve-merge.yml @@ -34,7 +34,7 @@ jobs: github-token: ${{ secrets.GITHUB_TOKEN }} # Nextcloud bot approve and merge request - - uses: ahmadnassri/action-dependabot-auto-merge@45fc124d949b19b6b8bf6645b6c9d55f4f9ac61a # v2 + - uses: ahmadnassri/action-dependabot-auto-merge@45fc124d949b19b6b8bf6645b6c9d55f4f9ac61a # v2.6.6 with: target: minor github-token: ${{ secrets.DEPENDABOT_AUTOMERGE_TOKEN }} diff --git a/.github/workflows/files-external-ftp.yml b/.github/workflows/files-external-ftp.yml index fb246b04bc2..142b5541b05 100644 --- a/.github/workflows/files-external-ftp.yml +++ b/.github/workflows/files-external-ftp.yml @@ -98,7 +98,7 @@ jobs: - name: Upload code coverage if: ${{ !cancelled() && matrix.coverage }} - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 with: files: ./clover.xml flags: phpunit-files-external-ftp diff --git a/.github/workflows/files-external-s3.yml b/.github/workflows/files-external-s3.yml index 5ff3e065618..de83cc5c1f4 100644 --- a/.github/workflows/files-external-s3.yml +++ b/.github/workflows/files-external-s3.yml @@ -96,7 +96,7 @@ jobs: - name: Upload code coverage if: ${{ !cancelled() && matrix.coverage }} - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 with: files: ./clover.xml flags: phpunit-files-external-s3 @@ -163,7 +163,7 @@ jobs: - name: Upload code coverage if: ${{ !cancelled() && matrix.coverage }} - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 with: files: ./clover.xml flags: phpunit-files-external-s3 diff --git a/.github/workflows/files-external-sftp.yml b/.github/workflows/files-external-sftp.yml index b2811b8c658..752ac11f245 100644 --- a/.github/workflows/files-external-sftp.yml +++ b/.github/workflows/files-external-sftp.yml @@ -87,7 +87,7 @@ jobs: - name: Upload code coverage if: ${{ !cancelled() && matrix.coverage }} - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 with: files: ./clover.xml flags: phpunit-files-external-sftp diff --git a/.github/workflows/files-external.yml b/.github/workflows/files-external.yml index cf85c9b9dcb..6386804a080 100644 --- a/.github/workflows/files-external.yml +++ b/.github/workflows/files-external.yml @@ -77,7 +77,7 @@ jobs: - name: Upload code coverage if: ${{ !cancelled() && matrix.coverage }} - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 with: files: ./clover.xml flags: phpunit-files-external-generic diff --git a/.github/workflows/integration-dav.yml b/.github/workflows/integration-dav.yml index 94b670e1647..6e9a6137833 100644 --- a/.github/workflows/integration-dav.yml +++ b/.github/workflows/integration-dav.yml @@ -67,7 +67,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Set up Python - uses: LizardByte/setup-python-action@master + uses: LizardByte/actions/actions/setup_python@e6bc045033a5614035b66daafc38ff86faecb23a # v2026.116.208 with: python-version: '2.7' diff --git a/.github/workflows/object-storage-azure.yml b/.github/workflows/object-storage-azure.yml index 059129cc53e..d3764a2c4ff 100644 --- a/.github/workflows/object-storage-azure.yml +++ b/.github/workflows/object-storage-azure.yml @@ -103,7 +103,7 @@ jobs: - name: Upload code coverage if: ${{ !cancelled() && matrix.coverage }} - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 with: files: ./clover.xml flags: phpunit-azure diff --git a/.github/workflows/object-storage-s3.yml b/.github/workflows/object-storage-s3.yml index 9efec494e28..f2d7b736c26 100644 --- a/.github/workflows/object-storage-s3.yml +++ b/.github/workflows/object-storage-s3.yml @@ -109,7 +109,7 @@ jobs: - name: Upload code coverage if: ${{ !cancelled() && matrix.coverage }} - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 with: files: ./clover.xml flags: phpunit-s3 diff --git a/.github/workflows/object-storage-swift.yml b/.github/workflows/object-storage-swift.yml index 3c677e49c56..1fd3ded8ed7 100644 --- a/.github/workflows/object-storage-swift.yml +++ b/.github/workflows/object-storage-swift.yml @@ -99,7 +99,7 @@ jobs: - name: Upload code coverage if: ${{ !cancelled() && matrix.coverage }} - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 with: files: ./clover.xml flags: phpunit-swift diff --git a/.github/workflows/performance.yml b/.github/workflows/performance.yml index e0110db9741..6d87e447857 100644 --- a/.github/workflows/performance.yml +++ b/.github/workflows/performance.yml @@ -41,7 +41,7 @@ jobs: php -S localhost:8080 & - name: Apply blueprint - uses: icewind1991/blueprint@v0.1.2 + uses: icewind1991/blueprint@00504403f76cb2a09efd0d16793575055e6f63cb # v0.1.2 with: blueprint: tests/blueprints/basic.toml ref: ${{ github.event.pull_request.head.ref }} @@ -90,7 +90,7 @@ jobs: before.json after.json - - uses: actions/github-script@v7 + - uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7.1.0 if: failure() && steps.compare.outcome == 'failure' with: github-token: ${{secrets.GITHUB_TOKEN}} diff --git a/.github/workflows/phpunit-mariadb.yml b/.github/workflows/phpunit-mariadb.yml index 576794f9a3c..bf5a493b94c 100644 --- a/.github/workflows/phpunit-mariadb.yml +++ b/.github/workflows/phpunit-mariadb.yml @@ -119,7 +119,7 @@ jobs: - name: Upload db code coverage if: ${{ !cancelled() && matrix.coverage }} - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 with: files: ./clover.db.xml flags: phpunit-mariadb diff --git a/.github/workflows/phpunit-memcached.yml b/.github/workflows/phpunit-memcached.yml index 3ca5d366ad0..7a73358d76d 100644 --- a/.github/workflows/phpunit-memcached.yml +++ b/.github/workflows/phpunit-memcached.yml @@ -98,7 +98,7 @@ jobs: - name: Upload code coverage if: ${{ !cancelled() && matrix.coverage }} - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 with: files: ./clover.xml flags: phpunit-memcached diff --git a/.github/workflows/phpunit-mysql.yml b/.github/workflows/phpunit-mysql.yml index 8261373130b..b9ca79be6e5 100644 --- a/.github/workflows/phpunit-mysql.yml +++ b/.github/workflows/phpunit-mysql.yml @@ -119,7 +119,7 @@ jobs: - name: Upload db code coverage if: ${{ !cancelled() && matrix.coverage }} - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 with: files: ./clover.db.xml flags: phpunit-mysql diff --git a/.github/workflows/phpunit-nodb.yml b/.github/workflows/phpunit-nodb.yml index 46630e2fb06..7f9488c9db6 100644 --- a/.github/workflows/phpunit-nodb.yml +++ b/.github/workflows/phpunit-nodb.yml @@ -103,7 +103,7 @@ jobs: - name: Upload nodb code coverage if: ${{ !cancelled() && matrix.coverage }} - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 with: files: ./clover.nodb.xml flags: phpunit-nodb diff --git a/.github/workflows/phpunit-oci.yml b/.github/workflows/phpunit-oci.yml index c5320ea10bf..18546d28fd6 100644 --- a/.github/workflows/phpunit-oci.yml +++ b/.github/workflows/phpunit-oci.yml @@ -117,7 +117,7 @@ jobs: - name: Upload db code coverage if: ${{ !cancelled() && matrix.coverage }} - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 with: files: ./clover.db.xml flags: phpunit-oci diff --git a/.github/workflows/phpunit-pgsql.yml b/.github/workflows/phpunit-pgsql.yml index 1c583b699f3..b4ea3999c55 100644 --- a/.github/workflows/phpunit-pgsql.yml +++ b/.github/workflows/phpunit-pgsql.yml @@ -114,7 +114,7 @@ jobs: - name: Upload db code coverage if: ${{ !cancelled() && matrix.coverage }} - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 with: files: ./clover.db.xml flags: phpunit-postgres diff --git a/.github/workflows/phpunit-sqlite.yml b/.github/workflows/phpunit-sqlite.yml index fa67c2ac7ef..992ab8a5b55 100644 --- a/.github/workflows/phpunit-sqlite.yml +++ b/.github/workflows/phpunit-sqlite.yml @@ -102,7 +102,7 @@ jobs: - name: Upload db code coverage if: ${{ !cancelled() && matrix.coverage }} - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 with: files: ./clover.db.xml flags: phpunit-sqlite diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index ec911455f61..8f38af587c0 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -15,7 +15,7 @@ jobs: issues: write steps: - - uses: actions/stale@v9 + - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # v9.1.0 with: repo-token: ${{ secrets.COMMAND_BOT_PAT }} stale-issue-message: > diff --git a/.github/workflows/static-code-analysis.yml b/.github/workflows/static-code-analysis.yml index e30e41a4e68..40402f8bb4a 100644 --- a/.github/workflows/static-code-analysis.yml +++ b/.github/workflows/static-code-analysis.yml @@ -40,7 +40,7 @@ jobs: - name: Upload Analysis results to GitHub if: always() - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@439137e1b50c27ba9e2f9befc93e43091b449c34 # v3.32.0 with: sarif_file: results.sarif @@ -68,7 +68,7 @@ jobs: - name: Upload Security Analysis results to GitHub if: always() - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@439137e1b50c27ba9e2f9befc93e43091b449c34 # v3.32.0 with: sarif_file: results.sarif