diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 65ad37f..f338ab6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -8,7 +8,7 @@ on: jobs: build: - uses: OpenAstronomy/github-actions-workflows/.github/workflows/publish_pure_python.yml@v1 + uses: OpenAstronomy/github-actions-workflows/.github/workflows/publish_pure_python.yml@924441154cf3053034c6513d5e06c69d262fb9a6 # v1.13.0 with: test_command: python -c "import stsci.tools" upload_to_pypi: ${{ (github.event_name == 'release') && (github.event.action == 'released') }} diff --git a/.github/workflows/ci_workflows.yml b/.github/workflows/ci_workflows.yml index 29ca587..6de8ec8 100644 --- a/.github/workflows/ci_workflows.yml +++ b/.github/workflows/ci_workflows.yml @@ -23,11 +23,11 @@ jobs: # runs-on: ubuntu-latest # steps: # - name: Checkout code - # uses: actions/checkout@v4 + # uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 # with: # fetch-depth: 0 # - name: Set up Python - # uses: actions/setup-python@v5 + # uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 # with: # python-version: '3.x' # - name: Lint with flake8 @@ -39,11 +39,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 with: fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: '3.x' # Make sure that packaging will work @@ -61,11 +61,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 with: fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: '3.11' - name: Install and build @@ -80,11 +80,11 @@ jobs: needs: [pep_and_audit, initial_tests] steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 with: fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: '3.13-dev' - name: Install and build @@ -102,11 +102,11 @@ jobs: needs: [pep_and_audit, initial_tests] steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 with: fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: '3.8' - name: Install and build @@ -122,9 +122,9 @@ jobs: needs: [pep_and_audit, initial_tests] steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: '3.x' - name: Install and build diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index fae9e15..78ed24c 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -37,11 +37,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@5618c9fc1e675841ca52c1c6b1304f5255a905a0 # codeql-bundle-v2.19.0 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -52,7 +52,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v3 + uses: github/codeql-action/autobuild@5618c9fc1e675841ca52c1c6b1304f5255a905a0 # codeql-bundle-v2.19.0 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -66,4 +66,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@5618c9fc1e675841ca52c1c6b1304f5255a905a0 # codeql-bundle-v2.19.0 diff --git a/.github/workflows/open_actions.yml b/.github/workflows/open_actions.yml index 1f445ba..0bf14b3 100644 --- a/.github/workflows/open_actions.yml +++ b/.github/workflows/open_actions.yml @@ -13,12 +13,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Label PR - uses: actions/labeler@v5 + uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5.0.0 if: github.event_name == 'pull_request_target' || github.event_name == 'pull_request' with: repo-token: "${{ secrets.GITHUB_TOKEN }}" - name: 'Comment Draft PR' - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 if: github.event.pull_request.draft == true with: github-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/predeps_workflow.yml b/.github/workflows/predeps_workflow.yml index 0e914b2..f287431 100644 --- a/.github/workflows/predeps_workflow.yml +++ b/.github/workflows/predeps_workflow.yml @@ -20,11 +20,11 @@ jobs: #os: [ubuntu-latest, windows-latest, macos-latest] steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 with: fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: '3.13-dev' - name: Install and build