Browse Source

fix: pin 35 unpinned action(s)

Automated security fixes applied by Runner Guard (https://github.com/Vigilant-LLC/runner-guard).

Changes:
 .github/workflows/build-docs.yml          |  8 ++++----
 .github/workflows/contributors.yml        |  4 ++--
 .github/workflows/deploy-docs.yml         |  4 ++--
 .github/workflows/detect-conflicts.yml    |  2 +-
 .github/workflows/issue-manager.yml       |  2 +-
 .github/workflows/label-approved.yml      |  2 +-
 .github/workflows/latest-changes.yml      |  4 ++--
 .github/workflows/notify-translations.yml |  4 ++--
 .github/workflows/people.yml              |  4 ++--
 .github/workflows/pre-commit.yml          |  6 +++---
 .github/workflows/publish.yml             |  2 +-
 .github/workflows/smokeshow.yml           |  2 +-
 .github/workflows/sponsors.yml            |  4 ++--
 .github/workflows/test-redistribute.yml   |  2 +-
 .github/workflows/test.yml                | 12 ++++++------
 .github/workflows/topic-repos.yml         |  2 +-
 .github/workflows/translate.yml           |  6 +++---
 17 files changed, 35 insertions(+), 35 deletions(-)
pull/15229/head
Chris Nyhuis 4 months ago
parent
commit
db594da9fc
  1. 8
      .github/workflows/build-docs.yml
  2. 4
      .github/workflows/contributors.yml
  3. 4
      .github/workflows/deploy-docs.yml
  4. 2
      .github/workflows/detect-conflicts.yml
  5. 2
      .github/workflows/issue-manager.yml
  6. 2
      .github/workflows/label-approved.yml
  7. 4
      .github/workflows/latest-changes.yml
  8. 4
      .github/workflows/notify-translations.yml
  9. 4
      .github/workflows/people.yml
  10. 6
      .github/workflows/pre-commit.yml
  11. 2
      .github/workflows/publish.yml
  12. 2
      .github/workflows/smokeshow.yml
  13. 4
      .github/workflows/sponsors.yml
  14. 2
      .github/workflows/test-redistribute.yml
  15. 12
      .github/workflows/test.yml
  16. 2
      .github/workflows/topic-repos.yml
  17. 6
      .github/workflows/translate.yml

8
.github/workflows/build-docs.yml

@ -20,7 +20,7 @@ jobs:
steps:
- uses: actions/checkout@v6
# For pull requests it's not necessary to checkout the code but for the main branch it is
- uses: dorny/paths-filter@v4
- uses: dorny/paths-filter@fbd0ab8f3e69293af611ebaee6363fc25e6d187d # v4
id: filter
with:
filters: |
@ -48,7 +48,7 @@ jobs:
with:
python-version-file: ".python-version"
- name: Setup uv
uses: astral-sh/setup-uv@v7
uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7
with:
enable-cache: true
cache-dependency-glob: |
@ -81,7 +81,7 @@ jobs:
with:
python-version-file: ".python-version"
- name: Setup uv
uses: astral-sh/setup-uv@v7
uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7
with:
enable-cache: true
cache-dependency-glob: |
@ -111,7 +111,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Decide whether the needed jobs succeeded or failed
uses: re-actors/alls-green@release/v1
uses: re-actors/alls-green@05ac9388f0aebcb5727afa17fcccfecd6f8ec5fe # release/v1
with:
jobs: ${{ toJSON(needs) }}
allowed-skips: build-docs

4
.github/workflows/contributors.yml

@ -27,7 +27,7 @@ jobs:
with:
python-version-file: ".python-version"
- name: Setup uv
uses: astral-sh/setup-uv@v7
uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7
with:
enable-cache: true
cache-dependency-glob: |
@ -37,7 +37,7 @@ jobs:
run: uv sync --locked --no-dev --group github-actions
# Allow debugging with tmate
- name: Setup tmate session
uses: mxschmitt/action-tmate@v3
uses: mxschmitt/action-tmate@c0afd6f790e3a5564914980036ebf83216678101 # v3
if: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.debug_enabled == 'true' }}
with:
limit-access-to-actor: true

4
.github/workflows/deploy-docs.yml

@ -26,7 +26,7 @@ jobs:
with:
python-version-file: ".python-version"
- name: Setup uv
uses: astral-sh/setup-uv@v7
uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7
with:
enable-cache: true
cache-dependency-glob: |
@ -59,7 +59,7 @@ jobs:
env:
PROJECT_NAME: fastapitiangolo
BRANCH: ${{ ( github.event.workflow_run.head_repository.full_name == github.repository && github.event.workflow_run.head_branch == 'master' && 'main' ) || ( github.event.workflow_run.head_sha ) }}
uses: cloudflare/wrangler-action@v3
uses: cloudflare/wrangler-action@da0e0dfe58b7a431659754fdf3f186c529afbe65 # v3
with:
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}

2
.github/workflows/detect-conflicts.yml

@ -12,7 +12,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check if PRs have merge conflicts
uses: eps1lon/actions-label-merge-conflict@v3
uses: eps1lon/actions-label-merge-conflict@1df065ebe6e3310545d4f4c4e862e43bdca146f0 # v3
with:
dirtyLabel: "conflicts"
repoToken: "${{ secrets.GITHUB_TOKEN }}"

2
.github/workflows/issue-manager.yml

@ -27,7 +27,7 @@ jobs:
env:
GITHUB_CONTEXT: ${{ toJson(github) }}
run: echo "$GITHUB_CONTEXT"
- uses: tiangolo/[email protected]
- uses: tiangolo/issue-manager@2fb3484ec9279485df8659e8ec73de262431737d # 0.6.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
config: >

2
.github/workflows/label-approved.yml

@ -23,7 +23,7 @@ jobs:
with:
python-version-file: ".python-version"
- name: Setup uv
uses: astral-sh/setup-uv@v7
uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7
with:
enable-cache: true
cache-dependency-glob: |

4
.github/workflows/latest-changes.yml

@ -32,11 +32,11 @@ jobs:
token: ${{ secrets.FASTAPI_LATEST_CHANGES }}
# Allow debugging with tmate
- name: Setup tmate session
uses: mxschmitt/action-tmate@v3
uses: mxschmitt/action-tmate@c0afd6f790e3a5564914980036ebf83216678101 # v3
if: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.debug_enabled == 'true' }}
with:
limit-access-to-actor: true
- uses: tiangolo/[email protected]
- uses: tiangolo/latest-changes@c9d329cb147f0ddf4fb631214e3f838ff17ccbbd # 0.4.1
with:
token: ${{ secrets.GITHUB_TOKEN }}
latest_changes_file: docs/en/docs/release-notes.md

4
.github/workflows/notify-translations.yml

@ -31,7 +31,7 @@ jobs:
with:
python-version-file: ".python-version"
- name: Setup uv
uses: astral-sh/setup-uv@v7
uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7
with:
enable-cache: true
cache-dependency-glob: |
@ -41,7 +41,7 @@ jobs:
run: uv sync --locked --no-dev --group github-actions
# Allow debugging with tmate
- name: Setup tmate session
uses: mxschmitt/action-tmate@v3
uses: mxschmitt/action-tmate@c0afd6f790e3a5564914980036ebf83216678101 # v3
if: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.debug_enabled == 'true' }}
with:
limit-access-to-actor: true

4
.github/workflows/people.yml

@ -27,7 +27,7 @@ jobs:
with:
python-version-file: ".python-version"
- name: Setup uv
uses: astral-sh/setup-uv@v7
uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7
with:
enable-cache: true
cache-dependency-glob: |
@ -37,7 +37,7 @@ jobs:
run: uv sync --locked --no-dev --group github-actions
# Allow debugging with tmate
- name: Setup tmate session
uses: mxschmitt/action-tmate@v3
uses: mxschmitt/action-tmate@c0afd6f790e3a5564914980036ebf83216678101 # v3
if: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.debug_enabled == 'true' }}
with:
limit-access-to-actor: true

6
.github/workflows/pre-commit.yml

@ -42,7 +42,7 @@ jobs:
with:
python-version-file: ".python-version"
- name: Setup uv
uses: astral-sh/setup-uv@v7
uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7
with:
cache-dependency-glob: |
pyproject.toml
@ -65,7 +65,7 @@ jobs:
git commit -m "🎨 Auto format"
git push
fi
- uses: pre-commit-ci/[email protected]
- uses: pre-commit-ci/lite-action@5d6cc0eb514c891a40562a58a8e71576c5c7fb43 # v1.1.0
if: env.HAS_SECRETS == 'false'
with:
msg: 🎨 Auto format
@ -85,6 +85,6 @@ jobs:
GITHUB_CONTEXT: ${{ toJson(github) }}
run: echo "$GITHUB_CONTEXT"
- name: Decide whether the needed jobs succeeded or failed
uses: re-actors/alls-green@release/v1
uses: re-actors/alls-green@05ac9388f0aebcb5727afa17fcccfecd6f8ec5fe # release/v1
with:
jobs: ${{ toJSON(needs) }}

2
.github/workflows/publish.yml

@ -22,7 +22,7 @@ jobs:
with:
python-version-file: ".python-version"
- name: Install uv
uses: astral-sh/setup-uv@v7
uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7
- name: Build distribution
run: uv build
- name: Publish

2
.github/workflows/smokeshow.yml

@ -22,7 +22,7 @@ jobs:
with:
python-version-file: ".python-version"
- name: Setup uv
uses: astral-sh/setup-uv@v7
uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7
with:
cache-dependency-glob: |
pyproject.toml

4
.github/workflows/sponsors.yml

@ -27,7 +27,7 @@ jobs:
with:
python-version-file: ".python-version"
- name: Setup uv
uses: astral-sh/setup-uv@v7
uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7
with:
enable-cache: true
cache-dependency-glob: |
@ -37,7 +37,7 @@ jobs:
run: uv sync --locked --no-dev --group github-actions
# Allow debugging with tmate
- name: Setup tmate session
uses: mxschmitt/action-tmate@v3
uses: mxschmitt/action-tmate@c0afd6f790e3a5564914980036ebf83216678101 # v3
if: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.debug_enabled == 'true' }}
with:
limit-access-to-actor: true

2
.github/workflows/test-redistribute.yml

@ -55,6 +55,6 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Decide whether the needed jobs succeeded or failed
uses: re-actors/alls-green@release/v1
uses: re-actors/alls-green@05ac9388f0aebcb5727afa17fcccfecd6f8ec5fe # release/v1
with:
jobs: ${{ toJSON(needs) }}

12
.github/workflows/test.yml

@ -28,7 +28,7 @@ jobs:
steps:
- uses: actions/checkout@v6
# For pull requests it's not necessary to checkout the code but for the main branch it is
- uses: dorny/paths-filter@v4
- uses: dorny/paths-filter@fbd0ab8f3e69293af611ebaee6363fc25e6d187d # v4
id: filter
with:
filters: |
@ -94,7 +94,7 @@ jobs:
with:
python-version: ${{ matrix.python-version }}
- name: Setup uv
uses: astral-sh/setup-uv@v7
uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7
with:
enable-cache: true
cache-dependency-glob: |
@ -142,7 +142,7 @@ jobs:
with:
python-version: "3.13"
- name: Setup uv
uses: astral-sh/setup-uv@v7
uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7
with:
enable-cache: true
cache-dependency-glob: |
@ -151,7 +151,7 @@ jobs:
- name: Install Dependencies
run: uv sync --no-dev --group tests --extra all
- name: CodSpeed benchmarks
uses: CodSpeedHQ/action@v4
uses: CodSpeedHQ/action@1c8ae4843586d3ba879736b7f6b7b0c990757fab # v4
with:
mode: simulation
run: uv run --no-sync pytest tests/benchmarks --codspeed
@ -170,7 +170,7 @@ jobs:
with:
python-version-file: ".python-version"
- name: Setup uv
uses: astral-sh/setup-uv@v7
uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7
with:
enable-cache: true
cache-dependency-glob: |
@ -208,7 +208,7 @@ jobs:
GITHUB_CONTEXT: ${{ toJson(github) }}
run: echo "$GITHUB_CONTEXT"
- name: Decide whether the needed jobs succeeded or failed
uses: re-actors/alls-green@release/v1
uses: re-actors/alls-green@05ac9388f0aebcb5727afa17fcccfecd6f8ec5fe # release/v1
with:
jobs: ${{ toJSON(needs) }}
allowed-skips: coverage-combine,test,benchmark

2
.github/workflows/topic-repos.yml

@ -22,7 +22,7 @@ jobs:
with:
python-version-file: ".python-version"
- name: Setup uv
uses: astral-sh/setup-uv@v7
uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7
with:
enable-cache: true
cache-dependency-glob: |

6
.github/workflows/translate.yml

@ -54,7 +54,7 @@ jobs:
with:
python-version-file: ".python-version"
- name: Setup uv
uses: astral-sh/setup-uv@v7
uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7
with:
cache-dependency-glob: |
pyproject.toml
@ -93,7 +93,7 @@ jobs:
with:
python-version-file: ".python-version"
- name: Setup uv
uses: astral-sh/setup-uv@v7
uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7
with:
cache-dependency-glob: |
pyproject.toml
@ -102,7 +102,7 @@ jobs:
run: uv sync --locked --no-dev --group github-actions --group translations
# Allow debugging with tmate
- name: Setup tmate session
uses: mxschmitt/action-tmate@v3
uses: mxschmitt/action-tmate@c0afd6f790e3a5564914980036ebf83216678101 # v3
if: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.debug_enabled == 'true' }}
with:
limit-access-to-actor: true

Loading…
Cancel
Save