From 52f4f67e3c32044d7163bacdf4174a99b9720baf Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 24 Jun 2026 19:53:13 +0000 Subject: [PATCH] Pin dependencies --- .github/workflows/codeql-analysis.yml | 8 ++++---- .github/workflows/github-pages.yml | 10 +++++----- .github/workflows/publish.yml | 20 ++++++++++---------- .github/workflows/release.yml | 4 ++-- .github/workflows/test.yml | 6 +++--- 5 files changed, 24 insertions(+), 24 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 0f389b8f..381eaa10 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -34,11 +34,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v7 + uses: actions/checkout@v7.0.0 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v4 + uses: github/codeql-action/init@v4.36.2 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -51,7 +51,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v4 + uses: github/codeql-action/autobuild@v4.36.2 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -64,4 +64,4 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v4 + uses: github/codeql-action/analyze@v4.36.2 diff --git a/.github/workflows/github-pages.yml b/.github/workflows/github-pages.yml index 522392d8..01e37bf7 100644 --- a/.github/workflows/github-pages.yml +++ b/.github/workflows/github-pages.yml @@ -23,10 +23,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v7 + uses: actions/checkout@v7.0.0 - name: Setup Bun - uses: oven-sh/setup-bun@v2 + uses: oven-sh/setup-bun@v2.2.0 with: bun-version-file: package.json @@ -37,10 +37,10 @@ jobs: run: bunx nx build docs - name: Setup Pages - uses: actions/configure-pages@v6 + uses: actions/configure-pages@v6.0.0 - name: Upload artifact - uses: actions/upload-pages-artifact@v5 + uses: actions/upload-pages-artifact@v5.0.0 with: path: ./docs/build @@ -53,4 +53,4 @@ jobs: steps: - name: Deploy to GitHub Pages id: deployment - uses: actions/deploy-pages@v5 + uses: actions/deploy-pages@v5.0.0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 098bb9b0..779db379 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -10,7 +10,7 @@ jobs: steps: - name: Docker meta id: meta - uses: docker/metadata-action@v6 + uses: docker/metadata-action@v6.1.0 with: images: | expediagroup/comparadise @@ -18,19 +18,19 @@ jobs: type=ref,event=tag - name: Set up QEMU - uses: docker/setup-qemu-action@v4 + uses: docker/setup-qemu-action@v4.1.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v4 + uses: docker/setup-buildx-action@v4.1.0 - name: Login to DockerHub - uses: docker/login-action@v4 + uses: docker/login-action@v4.2.0 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_PASSWORD }} - name: Build and push - uses: docker/build-push-action@v7 + uses: docker/build-push-action@v7.2.0 with: push: true tags: ${{ steps.meta.outputs.tags }} @@ -43,10 +43,10 @@ jobs: contents: read steps: - name: Checkout - uses: actions/checkout@v7 + uses: actions/checkout@v7.0.0 - name: Setup Bun - uses: oven-sh/setup-bun@v2 + uses: oven-sh/setup-bun@v2.2.0 with: bun-version-file: package.json @@ -54,12 +54,12 @@ jobs: run: bun install - name: Setup pnpm - uses: pnpm/action-setup@v6 + uses: pnpm/action-setup@v6.0.9 with: version: latest - name: Setup node for npm publish - uses: actions/setup-node@v6 + uses: actions/setup-node@v6.4.0 with: node-version: latest @@ -77,7 +77,7 @@ jobs: publish-tags: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v7 + - uses: actions/checkout@v7.0.0 - name: Update Major Version run: | MAJOR_VERSION=$(echo "${GITHUB_REF}" | cut -d "/" -f3 | cut -d "." -f1) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 8861e6f2..c1ae3bf9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,10 +11,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v7 + uses: actions/checkout@v7.0.0 - name: Setup Bun - uses: oven-sh/setup-bun@v2 + uses: oven-sh/setup-bun@v2.2.0 with: bun-version-file: package.json diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 99c24221..ad15ef71 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -15,17 +15,17 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v7 + uses: actions/checkout@v7.0.0 with: fetch-depth: 0 ref: ${{ github.event.pull_request.head.ref }} repository: ${{ github.event.pull_request.head.repo.full_name }} token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN || secrets.GITHUB_TOKEN }} - - uses: nrwl/nx-set-shas@v5 + - uses: nrwl/nx-set-shas@v5.0.1 - name: Setup Bun - uses: oven-sh/setup-bun@v2 + uses: oven-sh/setup-bun@v2.2.0 with: bun-version-file: package.json