Use SHA for GitHub actions version

2024-11-10 04:37:25 +01:00 · 2024-03-17 20:21:05 +06:00 · 2024-03-17 20:21:05 +06:00 · 0a91b57f67
commit 0a91b57f67
parent bcdf17fe27
4 changed files with 14 additions and 24 deletions
--- a/.github/workflows/build_pull_request.yml
+++ b/.github/workflows/build_pull_request.yml
@ -20,22 +20,22 @@ jobs:

    steps:
      - name: Clone repo
-        uses: actions/checkout@v4
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1

      - name: Validate Gradle Wrapper
-        uses: gradle/wrapper-validation-action@v2
+        uses: gradle/wrapper-validation-action@699bb18358f12c5b78b37bb0111d3a0e2276e0e2 # v2.1.1

      - name: Dependency Review
-        uses: actions/dependency-review-action@v4
+        uses: actions/dependency-review-action@9129d7d40b8c12c1ed0f60400d00c92d437adcce # v4.1.3

      - name: Set up JDK
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4.2.1
        with:
          java-version: 17
          distribution: adopt

      - name: Set up gradle
-        uses: gradle/actions/setup-gradle@v3
+        uses: gradle/actions/setup-gradle@417ae3ccd767c252f5661f1ace9f835f9654f2b5 # v3.1.0

      - name: Build app and run unit tests
        run: ./gradlew detekt assembleStandardRelease testReleaseUnitTest
--- a/.github/workflows/build_push.yml
+++ b/.github/workflows/build_push.yml
@ -17,23 +17,23 @@ jobs:

    steps:
      - name: Clone repo
-        uses: actions/checkout@v4
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1

      - name: Validate Gradle Wrapper
-        uses: gradle/wrapper-validation-action@v2
+        uses: gradle/wrapper-validation-action@699bb18358f12c5b78b37bb0111d3a0e2276e0e2 # v2.1.1

      - name: Setup Android SDK
        run: |
          ${ANDROID_SDK_ROOT}/cmdline-tools/latest/bin/sdkmanager "build-tools;29.0.3"

      - name: Set up JDK
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4.2.1
        with:
          java-version: 17
          distribution: adopt

      - name: Set up gradle
-        uses: gradle/actions/setup-gradle@v3
+        uses: gradle/actions/setup-gradle@417ae3ccd767c252f5661f1ace9f835f9654f2b5 # v3.1.0

      - name: Build app and run unit tests
        run: ./gradlew detekt assembleStandardRelease testReleaseUnitTest
@ -48,7 +48,7 @@ jobs:

      - name: Sign APK
        if: startsWith(github.ref, 'refs/tags/') && github.repository == 'mihonapp/mihon'
-        uses: r0adkll/sign-android-release@v1
+        uses: r0adkll/sign-android-release@/349ebdef58775b1e0d8099458af0816dc79b6407 # v1
        with:
          releaseDirectory: app/build/outputs/apk/standard/release
          signingKeyBase64: ${{ secrets.SIGNING_KEY }}
@ -83,7 +83,7 @@ jobs:

      - name: Create Release
        if: startsWith(github.ref, 'refs/tags/') && github.repository == 'mihonapp/mihon'
-        uses: softprops/action-gh-release@v1
+        uses: softprops/action-gh-release@9d7c94cfd0a1f3ed45544c887983e9fa900f0564 # v2.0.4
        with:
          tag_name: ${{ env.VERSION_TAG }}
          name: Mihon ${{ env.VERSION_TAG }}
--- a/.github/workflows/issue_moderator.yml
+++ b/.github/workflows/issue_moderator.yml
@ -11,28 +11,18 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Moderate issues
-        uses: tachiyomiorg/issue-moderator-action@v2.6.0
+        uses: keiyoushi/issue-moderator-action@a017be83547db6e107431ce7575f53c1dfa3296a
        with:
          repo-token: ${{ secrets.GITHUB_TOKEN }}
          duplicate-label: Duplicate

          auto-close-rules: |
            [
-              {
-                "type": "body",
-                "regex": ".*DELETE THIS SECTION IF YOU HAVE READ AND ACKNOWLEDGED IT.*",
-                "message": "The acknowledgment section was not removed."
-              },
-              {
-                "type": "body",
-                "regex": ".*\\* (Tachiyomi version|Android version|Device): \\?.*",
-                "message": "Requested information in the template was not filled out."
-              },
              {
                "type": "both",
                "regex": "^(?!.*myanimelist.*).*(aniyomi|anime).*$",
                "ignoreCase": true,
-                "message": "Tachiyomi does not support anime, and has no plans to support anime. In addition Tachiyomi is not affiliated with Aniyomi https://github.com/jmir1/aniyomi"
+                "message": "Mihon does not support anime, and has no plans to support anime. In addition Mihon is not affiliated with Aniyomi https://github.com/jmir1/aniyomi"
              },
              {
                "type": "both",
--- a/.github/workflows/lock.yml
+++ b/.github/workflows/lock.yml
@ -12,7 +12,7 @@ jobs:
  lock:
    runs-on: ubuntu-latest
    steps:
-      - uses: dessant/lock-threads@v5
+      - uses: dessant/lock-threads@1bf7ec25051fe7c00bdd17e6a7cf3d7bfb7dc771 # v5.0.1
        with:
          github-token: ${{ github.token }}
          issue-inactive-days: '2'