This is an automated email from the ASF dual-hosted git repository. sebb pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/commons-crypto.git
The following commit(s) were added to refs/heads/master by this push: new ceb93860 Pin versions ceb93860 is described below commit ceb9386019ed4d2842ec59be419b7d9a665aae79 Author: Sebb <s...@apache.org> AuthorDate: Fri Dec 22 12:18:45 2023 +0000 Pin versions --- .github/workflows/docker_images.yml | 8 ++++---- .github/workflows/maven_crosstest.yml | 12 ++++++------ .github/workflows/scorecards-analysis.yml | 2 +- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/docker_images.yml b/.github/workflows/docker_images.yml index 6b3b80c4..8143a69a 100644 --- a/.github/workflows/docker_images.yml +++ b/.github/workflows/docker_images.yml @@ -39,11 +39,11 @@ jobs: run: | echo "IMAGE_PREFIX=$(echo ${{ env.REGISTRY }}/${{ github.repository }} | tr '[A-Z]' '[a-z]')" >>$GITHUB_ENV - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 - name: Login to Docker Hub uses: docker/login-action@3d58c274f17dffee475a5520cbe67f0a882c4dbb with: @@ -66,7 +66,7 @@ jobs: push: true tags: ${{ env.IMAGE_PREFIX }}-aarch64:latest - name: Build and push riscv64 - uses: docker/build-push-action@v5 + uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 with: context: src/docker file: src/docker/Dockerfile.riscv64 diff --git a/.github/workflows/maven_crosstest.yml b/.github/workflows/maven_crosstest.yml index 81c0e219..cf6162f6 100644 --- a/.github/workflows/maven_crosstest.yml +++ b/.github/workflows/maven_crosstest.yml @@ -86,7 +86,7 @@ jobs: time IMAGE_PREFIX=${IMAGE_PREFIX} docker compose -f src/docker/docker-compose-gh.yaml run --quiet-pull crypto-gh src/docker/build_linux32.sh ls -l target - name: Save generated Linux binaries - uses: actions/cache/save@v3 + uses: actions/cache/save@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 with: key: ${{ env.CACHE-LINUX }} path: target @@ -123,7 +123,7 @@ jobs: mvn -V -B -ntp -DskipTests -Drat.skip process-classes -Dtarget.name=mac-aarch64 ls -l target - name: Retrieve saved Linux binaries - uses: actions/cache/restore@v3 + uses: actions/cache/restore@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 with: key: ${{ env.CACHE-LINUX }} path: target @@ -139,13 +139,13 @@ jobs: # At some point would like to run the cross tests using only the jars # In the meantime, use the target class structure - name: Save generated Linux + macOS binaries - uses: actions/cache/save@v3 + uses: actions/cache/save@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 with: key: ${{ env.CACHE-ALL }} path: target # This is only visible on the Workflow summary page - name: Upload packaged jars for external testing - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: crypto-package path: target/*.jar @@ -174,7 +174,7 @@ jobs: with: persist-credentials: false - name: Retrieve saved target tree - uses: actions/cache/restore@v3 + uses: actions/cache/restore@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 with: key: ${{ env.CACHE-ALL }} path: target @@ -222,7 +222,7 @@ jobs: run: | echo "IMAGE_PREFIX=$(echo ${{ env.REGISTRY }}/${{ github.repository }} | tr '[A-Z]' '[a-z]')" >>$GITHUB_ENV - name: Retrieve saved target tree - uses: actions/cache/restore@v3 + uses: actions/cache/restore@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 with: key: ${{ env.CACHE-ALL }} path: target diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml index b218f9c7..88da503a 100644 --- a/.github/workflows/scorecards-analysis.yml +++ b/.github/workflows/scorecards-analysis.yml @@ -60,7 +60,7 @@ jobs: publish_results: true - name: "Upload artifact" - uses: actions/upload-artifact@353073034f1f3c6d1a65ede161c5a2ca79650a49 # 3.1.0 + uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: SARIF file path: results.sarif