(commons-crypto) branch master updated: Pin versions

sebb Fri, 22 Dec 2023 04:18:58 -0800

This is an automated email from the ASF dual-hosted git repository.

sebb pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-crypto.git



The following commit(s) were added to refs/heads/master by this push:
     new ceb93860 Pin versions
ceb93860 is described below

commit ceb9386019ed4d2842ec59be419b7d9a665aae79
Author: Sebb <s...@apache.org>
AuthorDate: Fri Dec 22 12:18:45 2023 +0000

    Pin versions
---
 .github/workflows/docker_images.yml       |  8 ++++----
 .github/workflows/maven_crosstest.yml     | 12 ++++++------
 .github/workflows/scorecards-analysis.yml |  2 +-
 3 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/.github/workflows/docker_images.yml 
b/.github/workflows/docker_images.yml
index 6b3b80c4..8143a69a 100644
--- a/.github/workflows/docker_images.yml
+++ b/.github/workflows/docker_images.yml
@@ -39,11 +39,11 @@ jobs:
         run: |
           echo "IMAGE_PREFIX=$(echo ${{ env.REGISTRY }}/${{ github.repository 
}} | tr '[A-Z]' '[a-z]')" >>$GITHUB_ENV
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # 
v4.1.1
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
+        uses: 
docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: 
docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
       - name: Login to Docker Hub
         uses: docker/login-action@3d58c274f17dffee475a5520cbe67f0a882c4dbb
         with:
@@ -66,7 +66,7 @@ jobs:
           push: true
           tags: ${{ env.IMAGE_PREFIX }}-aarch64:latest
       - name: Build and push riscv64
-        uses: docker/build-push-action@v5
+        uses: 
docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
         with:
           context: src/docker
           file: src/docker/Dockerfile.riscv64
diff --git a/.github/workflows/maven_crosstest.yml 
b/.github/workflows/maven_crosstest.yml
index 81c0e219..cf6162f6 100644
--- a/.github/workflows/maven_crosstest.yml
+++ b/.github/workflows/maven_crosstest.yml
@@ -86,7 +86,7 @@ jobs:
           time IMAGE_PREFIX=${IMAGE_PREFIX} docker compose -f 
src/docker/docker-compose-gh.yaml run --quiet-pull crypto-gh 
src/docker/build_linux32.sh
           ls -l target
       - name: Save generated Linux binaries
-        uses: actions/cache/save@v3
+        uses: actions/cache/save@704facf57e6136b1bc63b828d79edcd491f0ee84 # 
v3.3.2
         with:
           key: ${{ env.CACHE-LINUX }}
           path: target
@@ -123,7 +123,7 @@ jobs:
           mvn -V -B -ntp -DskipTests -Drat.skip process-classes 
-Dtarget.name=mac-aarch64
           ls -l target
       - name: Retrieve saved Linux binaries
-        uses: actions/cache/restore@v3
+        uses: actions/cache/restore@704facf57e6136b1bc63b828d79edcd491f0ee84 # 
v3.3.2
         with:
           key: ${{ env.CACHE-LINUX }}
           path: target
@@ -139,13 +139,13 @@ jobs:
       # At some point would like to run the cross tests using only the jars
       # In the meantime, use the target class structure
       - name: Save generated Linux + macOS binaries
-        uses: actions/cache/save@v3
+        uses: actions/cache/save@704facf57e6136b1bc63b828d79edcd491f0ee84 # 
v3.3.2
         with:
           key: ${{ env.CACHE-ALL }}
           path: target
       # This is only visible on the Workflow summary page
       - name: Upload packaged jars for external testing
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 
# v4.0.0
         with:
           name: crypto-package
           path: target/*.jar
@@ -174,7 +174,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Retrieve saved target tree
-        uses: actions/cache/restore@v3
+        uses: actions/cache/restore@704facf57e6136b1bc63b828d79edcd491f0ee84 # 
v3.3.2
         with:
           key: ${{ env.CACHE-ALL }}
           path: target
@@ -222,7 +222,7 @@ jobs:
         run: |
           echo "IMAGE_PREFIX=$(echo ${{ env.REGISTRY }}/${{ github.repository 
}} | tr '[A-Z]' '[a-z]')" >>$GITHUB_ENV
       - name: Retrieve saved target tree
-        uses: actions/cache/restore@v3
+        uses: actions/cache/restore@704facf57e6136b1bc63b828d79edcd491f0ee84 # 
v3.3.2
         with:
           key: ${{ env.CACHE-ALL }}
           path: target
diff --git a/.github/workflows/scorecards-analysis.yml 
b/.github/workflows/scorecards-analysis.yml
index b218f9c7..88da503a 100644
--- a/.github/workflows/scorecards-analysis.yml
+++ b/.github/workflows/scorecards-analysis.yml
@@ -60,7 +60,7 @@ jobs:
           publish_results: true
 
       - name: "Upload artifact"
-        uses: actions/upload-artifact@353073034f1f3c6d1a65ede161c5a2ca79650a49 
   # 3.1.0
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 
# v4.0.0
         with:
           name: SARIF file
           path: results.sarif

(commons-crypto) branch master updated: Pin versions

Reply via email to