diff --git a/.github/workflows/continuous-integration-workflow.yml b/.github/workflows/continuous-integration-workflow.yml index 12e9eec754..8f01ce0bd5 100644 --- a/.github/workflows/continuous-integration-workflow.yml +++ b/.github/workflows/continuous-integration-workflow.yml @@ -17,7 +17,7 @@ permissions: jobs: build: name: Build - uses: spring-io/spring-security-release-tools/.github/workflows/build.yml@v1 + uses: spring-io/spring-security-release-tools/.github/workflows/build.yml@7d42d82298553f123a9dad622e0eac725aaf52ef # v1.0.13 strategy: matrix: os: [ ubuntu-latest, windows-latest ] @@ -30,7 +30,7 @@ jobs: deploy-artifacts: name: Deploy Artifacts needs: [ build] - uses: spring-io/spring-security-release-tools/.github/workflows/deploy-artifacts.yml@v1 + uses: spring-io/spring-security-release-tools/.github/workflows/deploy-artifacts.yml@7d42d82298553f123a9dad622e0eac725aaf52ef # v1.0.13 with: should-deploy-artifacts: ${{ needs.build.outputs.should-deploy-artifacts }} default-publish-milestones-central: true @@ -38,14 +38,14 @@ jobs: deploy-schema: name: Deploy Schema needs: [ build ] - uses: spring-io/spring-security-release-tools/.github/workflows/deploy-schema.yml@v1 + uses: spring-io/spring-security-release-tools/.github/workflows/deploy-schema.yml@7d42d82298553f123a9dad622e0eac725aaf52ef # v1.0.13 with: should-deploy-schema: ${{ needs.build.outputs.should-deploy-artifacts }} secrets: inherit perform-release: name: Perform Release needs: [ deploy-artifacts, deploy-schema ] - uses: spring-io/spring-security-release-tools/.github/workflows/perform-release.yml@v1 + uses: spring-io/spring-security-release-tools/.github/workflows/perform-release.yml@7d42d82298553f123a9dad622e0eac725aaf52ef # v1.0.13 with: should-perform-release: ${{ needs.deploy-artifacts.outputs.artifacts-deployed }} project-version: ${{ needs.deploy-artifacts.outputs.project-version }} @@ -61,6 +61,6 @@ jobs: runs-on: ubuntu-latest steps: - name: Send Notification - uses: spring-io/spring-security-release-tools/.github/actions/send-notification@v1 + uses: spring-io/spring-security-release-tools/.github/actions/send-notification@7d42d82298553f123a9dad622e0eac725aaf52ef # v1.0.13 with: webhook-url: ${{ secrets.SPRING_SECURITY_CI_GCHAT_WEBHOOK_URL }} diff --git a/.github/workflows/deploy-docs.yml b/.github/workflows/deploy-docs.yml index 25381d0f82..05912c63fd 100644 --- a/.github/workflows/deploy-docs.yml +++ b/.github/workflows/deploy-docs.yml @@ -17,7 +17,7 @@ jobs: if: github.repository_owner == 'spring-projects' steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: ref: docs-build fetch-depth: 1 diff --git a/.github/workflows/gradle-wrapper-upgrade-execution.yml b/.github/workflows/gradle-wrapper-upgrade-execution.yml index 8207edddef..d5e9d084b6 100644 --- a/.github/workflows/gradle-wrapper-upgrade-execution.yml +++ b/.github/workflows/gradle-wrapper-upgrade-execution.yml @@ -19,14 +19,14 @@ jobs: git config --global user.name 'github-actions[bot]' git config --global user.email 'github-actions[bot]@users.noreply.github.com' - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up JDK 17 - uses: actions/setup-java@v4 + uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0 with: java-version: '17' distribution: 'temurin' - name: Set up Gradle - uses: gradle/gradle-build-action@v2 + uses: gradle/setup-gradle@f29f5a9d7b09a7c6b29859002d29d24e1674c884 # v5.0.1 - name: Upgrade Wrappers run: ./gradlew clean upgradeGradleWrapperAll --continue -Porg.gradle.java.installations.auto-download=false env: diff --git a/.github/workflows/milestone-spring-releasetrain.yml b/.github/workflows/milestone-spring-releasetrain.yml index 0602ae8e73..6d373fb15a 100644 --- a/.github/workflows/milestone-spring-releasetrain.yml +++ b/.github/workflows/milestone-spring-releasetrain.yml @@ -30,6 +30,6 @@ jobs: runs-on: ubuntu-latest steps: - name: Send Notification - uses: spring-io/spring-security-release-tools/.github/actions/send-notification@v1 + uses: spring-io/spring-security-release-tools/.github/actions/send-notification@7d42d82298553f123a9dad622e0eac725aaf52ef # v1.0.13 with: webhook-url: ${{ secrets.SPRING_SECURITY_CI_GCHAT_WEBHOOK_URL }} diff --git a/.github/workflows/pr-build-workflow.yml b/.github/workflows/pr-build-workflow.yml index 2ebf86c76b..b419967a44 100644 --- a/.github/workflows/pr-build-workflow.yml +++ b/.github/workflows/pr-build-workflow.yml @@ -11,9 +11,9 @@ jobs: runs-on: ubuntu-latest if: ${{ github.repository == 'spring-projects/spring-security' }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up gradle - uses: spring-io/spring-gradle-build-action@v2 + uses: spring-io/spring-gradle-build-action@efc55f07f4dfa22f2afd97f9ea1be4212eeed737 # v2.0.5 with: java-version: '17' distribution: 'temurin' @@ -24,9 +24,9 @@ jobs: runs-on: ubuntu-latest if: ${{ github.repository == 'spring-projects/spring-security' }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up gradle - uses: spring-io/spring-gradle-build-action@v2 + uses: spring-io/spring-gradle-build-action@efc55f07f4dfa22f2afd97f9ea1be4212eeed737 # v2.0.5 with: java-version: '17' distribution: 'temurin' @@ -34,7 +34,7 @@ jobs: run: ./gradlew -PbuildSrc.skipTests=true :spring-security-docs:antora - name: Upload Docs id: upload - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: docs path: docs/build/site @@ -46,6 +46,6 @@ jobs: runs-on: ubuntu-latest steps: - name: Send Notification - uses: spring-io/spring-security-release-tools/.github/actions/send-notification@v1 + uses: spring-io/spring-security-release-tools/.github/actions/send-notification@7d42d82298553f123a9dad622e0eac725aaf52ef # v1.0.13 with: webhook-url: ${{ secrets.SPRING_SECURITY_CI_GCHAT_WEBHOOK_URL }} diff --git a/.github/workflows/release-scheduler.yml b/.github/workflows/release-scheduler.yml index 9f0045ba1e..f31c6b5198 100644 --- a/.github/workflows/release-scheduler.yml +++ b/.github/workflows/release-scheduler.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 1 - name: Dispatch diff --git a/.github/workflows/update-scheduled-release-version.yml b/.github/workflows/update-scheduled-release-version.yml index 665b1b50b6..25328ff331 100644 --- a/.github/workflows/update-scheduled-release-version.yml +++ b/.github/workflows/update-scheduled-release-version.yml @@ -9,7 +9,7 @@ permissions: jobs: update-scheduled-release-version: name: Update Scheduled Release Version - uses: spring-io/spring-security-release-tools/.github/workflows/update-scheduled-release-version.yml@v1 + uses: spring-io/spring-security-release-tools/.github/workflows/update-scheduled-release-version.yml@7d42d82298553f123a9dad622e0eac725aaf52ef # v1.0.13 secrets: inherit send-notification: name: Send Notification @@ -18,6 +18,6 @@ jobs: runs-on: ubuntu-latest steps: - name: Send Notification - uses: spring-io/spring-security-release-tools/.github/actions/send-notification@v1 + uses: spring-io/spring-security-release-tools/.github/actions/send-notification@7d42d82298553f123a9dad622e0eac725aaf52ef # v1.0.13 with: webhook-url: ${{ secrets.SPRING_SECURITY_CI_GCHAT_WEBHOOK_URL }} \ No newline at end of file