From 4daa5c40cf71950e01bac1ff2beb5843727538d9 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 5 Jun 2024 07:30:28 +0000 Subject: [PATCH] Pin dependencies (#216) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/ci.yml | 24 ++++++++++++------------ .github/workflows/linkcheck.yml | 8 ++++---- .github/workflows/update-manifest.yml | 6 +++--- env.Dockerfile | 4 ++-- 4 files changed, 21 insertions(+), 21 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 55327fb..6e6aeea 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -25,9 +25,9 @@ jobs: hash: ${{ steps.img.outputs.hash }} steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4 - name: Login to ghcr.io - uses: docker/login-action@v3 + uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3 with: registry: ghcr.io username: ${{ github.repository_owner }} @@ -60,9 +60,9 @@ jobs: IMG: ghcr.io/${{ github.repository }}:${{ needs.setup.outputs.hash }} steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4 - name: Restore notebook if present - uses: actions/cache/restore@v4 + uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 id: nb-cache with: path: ${{ env.NBCACHE }} @@ -87,7 +87,7 @@ jobs: sudo chown -R $USER ${{ env.NBCACHE }} ls -R ${{ env.NBCACHE }} - name: Cache notebook - uses: actions/cache/save@v4 + uses: actions/cache/save@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 if: ${{ steps.nb-cache.outputs.cache-hit != 'true' }} with: path: ${{ env.NBCACHE }} @@ -96,7 +96,7 @@ jobs: id: art run: echo "name=$(echo ${{ env.NB }} | sed 's/\//-/g')" >> "$GITHUB_OUTPUT" - name: Upload Notebook - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4 with: name: notebook-${{ steps.art.outputs.name }} path: ${{ env.NBCACHE }} @@ -107,9 +107,9 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4 - name: Download notebooks - uses: actions/download-artifact@v4 + uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4 with: path: ${{ env.NBCACHE }}/ pattern: notebook-* @@ -119,12 +119,12 @@ jobs: - name: Copy back built notebooks run: cp --verbose -rf ${{ env.NBCACHE }}/docs/* docs/ - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5 id: setup-python with: python-version: '3.x' - name: Cache python venv - uses: actions/cache@v4 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 if: ${{ contains(runner.name, 'GitHub Actions') }} id: cache-venv with: @@ -141,7 +141,7 @@ jobs: run: jupyter-book build docs/ - name: Upload pages artifact if: ${{ github.ref == 'refs/heads/main' }} - uses: actions/upload-pages-artifact@v3 + uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa # v3 with: path: docs/_build/html/ @@ -178,4 +178,4 @@ jobs: steps: - name: Deploy to GitHub Pages id: deployment - uses: actions/deploy-pages@v4 + uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4 diff --git a/.github/workflows/linkcheck.yml b/.github/workflows/linkcheck.yml index ebfd1ec..0b8cbf1 100644 --- a/.github/workflows/linkcheck.yml +++ b/.github/workflows/linkcheck.yml @@ -20,9 +20,9 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4 - name: Setup Julia - uses: julia-actions/setup-julia@v2 + uses: julia-actions/setup-julia@f2258781c657ad9b4b88072c5eeaf9ec8c370874 # v2 - name: Convert literate notebooks to ipynb files shell: julia --color=yes {0} run: | @@ -38,12 +38,12 @@ jobs: end end - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5 id: setup-python with: python-version: '3.x' - name: Cache python venv - uses: actions/cache@v4 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 if: ${{ contains(runner.name, 'GitHub Actions') }} id: cache-venv with: diff --git a/.github/workflows/update-manifest.yml b/.github/workflows/update-manifest.yml index d497c74..ff68fb2 100644 --- a/.github/workflows/update-manifest.yml +++ b/.github/workflows/update-manifest.yml @@ -25,7 +25,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4 - name: Update Julia dependencies run: > docker run --rm -w /tmp @@ -36,14 +36,14 @@ jobs: # Authenticate with a custom GitHub APP # https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#authenticating-with-github-app-generated-tokens - name: Generate token for PR - uses: tibdex/github-app-token@v2 + uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2 id: generate-token with: app_id: ${{ env.APP_ID }} private_key: ${{ secrets.APP_PRIVATE_KEY }} - name: Create Pull Request id: cpr - uses: peter-evans/create-pull-request@v6 + uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e # v6 with: title: Julia Dependency Update token: ${{ steps.generate-token.outputs.token }} diff --git a/env.Dockerfile b/env.Dockerfile index 9da764a..2dfe45b 100644 --- a/env.Dockerfile +++ b/env.Dockerfile @@ -1,5 +1,5 @@ -FROM julia:1.10.3 as julia -FROM python:3.12.3-slim +FROM julia:1.10.3@sha256:d2375e33738225f57caa34096ad0a15c699512027931324c62ed1949d797a2ff as julia +FROM python:3.12.3-slim@sha256:afc139a0a640942491ec481ad8dda10f2c5b753f5c969393b12480155fe15a63 # Julia config ENV JULIA_CI 'true'