From 27f28d555894d66e0e8b48ce724bc5747d6c9909 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 13 May 2025 12:13:04 +0000 Subject: [PATCH] Pin dependencies (#4843) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/docs-pr-netlify.yaml | 4 +-- .github/workflows/pull_request.yaml | 6 ++-- .github/workflows/release-checks.yml | 2 +- .../workflows/release-drafter-workflow.yml | 8 ++--- .github/workflows/release-gitflow.yml | 6 ++-- .github/workflows/release-make.yml | 12 +++---- .github/workflows/release-npm.yml | 4 +-- .github/workflows/release.yml | 12 +++---- .github/workflows/sonarcloud.yml | 6 ++-- .github/workflows/static_analysis.yml | 32 +++++++++---------- .github/workflows/tests.yml | 6 ++-- .github/workflows/triage-stale.yml | 2 +- 12 files changed, 50 insertions(+), 50 deletions(-) diff --git a/.github/workflows/docs-pr-netlify.yaml b/.github/workflows/docs-pr-netlify.yaml index 27c3045c4..4b085db40 100644 --- a/.github/workflows/docs-pr-netlify.yaml +++ b/.github/workflows/docs-pr-netlify.yaml @@ -15,7 +15,7 @@ jobs: deployments: write steps: - name: 📥 Download artifact - uses: actions/download-artifact@v4 + uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4 with: github-token: ${{ secrets.GITHUB_TOKEN }} run-id: ${{ github.event.workflow_run.id }} @@ -23,7 +23,7 @@ jobs: path: docs - name: 📤 Deploy to Netlify - uses: matrix-org/netlify-pr-preview@v3 + uses: matrix-org/netlify-pr-preview@9805cd123fc9a7e421e35340a05e1ebc5dee46b5 # v3 with: path: docs owner: ${{ github.event.workflow_run.head_repository.owner.login }} diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml index 98572ff6a..280a5d6cf 100644 --- a/.github/workflows/pull_request.yaml +++ b/.github/workflows/pull_request.yaml @@ -35,7 +35,7 @@ jobs: pull-requests: read steps: - name: Add notice - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7 if: contains(github.event.pull_request.labels.*.name, 'X-Blocked') with: script: | @@ -60,7 +60,7 @@ jobs: - name: Add label if: steps.teams.outputs.isTeamMember == 'false' - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7 with: script: | github.rest.issues.addLabels({ @@ -79,7 +79,7 @@ jobs: github.event.pull_request.head.repo.full_name != github.repository steps: - name: Close pull request - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7 with: script: | github.rest.issues.createComment({ diff --git a/.github/workflows/release-checks.yml b/.github/workflows/release-checks.yml index b83b4dd1c..3d452be20 100644 --- a/.github/workflows/release-checks.yml +++ b/.github/workflows/release-checks.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Check for X-Release-Blocker label on any open issues or PRs - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7 env: REPO: ${{ inputs.repository }} with: diff --git a/.github/workflows/release-drafter-workflow.yml b/.github/workflows/release-drafter-workflow.yml index 239ad8144..0ea12a35f 100644 --- a/.github/workflows/release-drafter-workflow.yml +++ b/.github/workflows/release-drafter-workflow.yml @@ -16,12 +16,12 @@ jobs: contents: write steps: - name: 🧮 Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: ref: staging fetch-depth: 0 - - uses: actions/setup-node@v4 + - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version-file: package.json cache: "yarn" @@ -37,7 +37,7 @@ jobs: disable-autolabeler: true - name: Get actions scripts - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: repository: matrix-org/matrix-js-sdk persist-credentials: false @@ -48,7 +48,7 @@ jobs: - name: Ingest upstream changes if: inputs.include-changes - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} RELEASE_ID: ${{ steps.draft-release.outputs.id }} diff --git a/.github/workflows/release-gitflow.yml b/.github/workflows/release-gitflow.yml index ff6a2ec33..d53057ece 100644 --- a/.github/workflows/release-gitflow.yml +++ b/.github/workflows/release-gitflow.yml @@ -18,14 +18,14 @@ jobs: merge: runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: # We will be pushing to this branch and want the CI to run after we do so we cannot use the GITHUB_TOKEN token: ${{ secrets.ELEMENT_BOT_TOKEN }} fetch-depth: 0 - name: Get actions scripts - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: repository: matrix-org/matrix-js-sdk persist-credentials: false @@ -33,7 +33,7 @@ jobs: sparse-checkout: | scripts/release - - uses: actions/setup-node@v4 + - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: cache: "yarn" node-version-file: package.json diff --git a/.github/workflows/release-make.yml b/.github/workflows/release-make.yml index 8b1c24a26..07a03f7bc 100644 --- a/.github/workflows/release-make.yml +++ b/.github/workflows/release-make.yml @@ -73,7 +73,7 @@ jobs: draft: true latest: true - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: ref: staging # We will be pushing to this branch and want the CI to run after we do so we cannot use the GITHUB_TOKEN @@ -81,7 +81,7 @@ jobs: fetch-depth: 0 - name: Get actions scripts - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: repository: matrix-org/matrix-js-sdk persist-credentials: false @@ -106,7 +106,7 @@ jobs: run: echo "VERSION=$(echo $VERSION | cut -d- -f1)" >> $GITHUB_ENV - name: Check version number not in use - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7 with: script: | const { VERSION } = process.env; @@ -125,7 +125,7 @@ jobs: git config --global user.email "releases@riot.im" git config --global user.name "RiotRobot" - - uses: actions/setup-node@v4 + - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: cache: "yarn" node-version-file: package.json @@ -218,7 +218,7 @@ jobs: - name: Validate release has expected assets if: inputs.expected-asset-count - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7 env: RELEASE_ID: ${{ steps.draft-release.outputs.id }} EXPECTED_ASSET_COUNT: ${{ inputs.expected-asset-count }} @@ -246,7 +246,7 @@ jobs: git push origin master - name: Publish release - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7 env: RELEASE_ID: ${{ steps.draft-release.outputs.id }} FINAL: ${{ inputs.final }} diff --git a/.github/workflows/release-npm.yml b/.github/workflows/release-npm.yml index d9633264a..1e47d4bcf 100644 --- a/.github/workflows/release-npm.yml +++ b/.github/workflows/release-npm.yml @@ -20,12 +20,12 @@ jobs: id: ${{ steps.npm-publish.outputs.id }} steps: - name: 🧮 Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: ref: staging - name: 🔧 Yarn cache - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: cache: "yarn" registry-url: "https://registry.npmjs.org" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ee0efc774..1fd0b44d0 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -44,13 +44,13 @@ jobs: repo: - element-hq/element-web steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: repository: ${{ matrix.repo }} ref: staging token: ${{ secrets.ELEMENT_BOT_TOKEN }} - - uses: actions/setup-node@v4 + - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: cache: "yarn" node-version: "lts/*" @@ -73,10 +73,10 @@ jobs: runs-on: ubuntu-24.04 steps: - name: 🧮 Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: 🔧 Yarn cache - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: cache: "yarn" node-version-file: package.json @@ -88,7 +88,7 @@ jobs: run: yarn gendoc - name: Upload artifact - uses: actions/upload-pages-artifact@v3 + uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa # v3 with: path: _docs @@ -106,4 +106,4 @@ jobs: steps: - name: Deploy to GitHub Pages id: deployment - uses: actions/deploy-pages@v4 + uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4 diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml index 4e584a516..f90be2e02 100644 --- a/.github/workflows/sonarcloud.yml +++ b/.github/workflows/sonarcloud.yml @@ -43,7 +43,7 @@ jobs: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - name: 📥 Download artifact - uses: actions/download-artifact@v4 + uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4 if: ${{ !inputs.sharded }} with: github-token: ${{ secrets.GITHUB_TOKEN }} @@ -51,7 +51,7 @@ jobs: name: coverage path: coverage - name: 📥 Download sharded artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4 if: inputs.sharded with: github-token: ${{ secrets.GITHUB_TOKEN }} @@ -75,7 +75,7 @@ jobs: - name: "🩻 SonarCloud Scan" id: sonarcloud - uses: matrix-org/sonarcloud-workflow-action@v4.0 + uses: matrix-org/sonarcloud-workflow-action@820f7c2e9e94ba9e35add0f739691e5c7e23fa25 # v4.0 # workflow_run fails report against the develop commit always, we don't want that for PRs continue-on-error: ${{ github.event.workflow_run.head_branch != 'develop' }} with: diff --git a/.github/workflows/static_analysis.yml b/.github/workflows/static_analysis.yml index 7c53f80be..afd53d014 100644 --- a/.github/workflows/static_analysis.yml +++ b/.github/workflows/static_analysis.yml @@ -14,9 +14,9 @@ jobs: name: "Typescript Syntax Check" runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - - uses: actions/setup-node@v4 + - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: cache: "yarn" node-version-file: package.json @@ -31,9 +31,9 @@ jobs: name: "ESLint" runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - - uses: actions/setup-node@v4 + - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: cache: "yarn" node-version-file: package.json @@ -48,9 +48,9 @@ jobs: name: "Node.js example" runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - - uses: actions/setup-node@v4 + - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: cache: "yarn" node-version-file: package.json @@ -61,7 +61,7 @@ jobs: - name: Build Types run: "yarn build:types" - - uses: actions/setup-node@v4 + - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: cache: "npm" node-version-file: "examples/node/package.json" @@ -83,9 +83,9 @@ jobs: name: "Workflow Lint" runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - - uses: actions/setup-node@v4 + - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: cache: "yarn" node-version-file: package.json @@ -100,9 +100,9 @@ jobs: name: "JSDoc Checker" runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - - uses: actions/setup-node@v4 + - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: cache: "yarn" node-version-file: package.json @@ -114,7 +114,7 @@ jobs: run: "yarn run gendoc --treatWarningsAsErrors --suppressCommentWarningsInDeclarationFiles" - name: Upload Artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 with: name: docs path: _docs @@ -125,9 +125,9 @@ jobs: name: "Analyse Dead Code" runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - - uses: actions/setup-node@v4 + - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: cache: "yarn" node-version-file: package.json @@ -143,11 +143,11 @@ jobs: if: github.event_name == 'merge_group' runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: repository: element-hq/element-web - - uses: actions/setup-node@v4 + - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: cache: "yarn" node-version: "lts/*" diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index c8f70afcb..66c891c2b 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -22,11 +22,11 @@ jobs: node: ["lts/*", 22] steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Setup Node id: setupNode - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: cache: "yarn" node-version: ${{ matrix.node }} @@ -57,7 +57,7 @@ jobs: - name: Upload Artifact if: env.ENABLE_COVERAGE == 'true' - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 with: name: coverage-${{ matrix.specs }}-${{ matrix.node == 'lts/*' && 'lts' || matrix.node }} path: | diff --git a/.github/workflows/triage-stale.yml b/.github/workflows/triage-stale.yml index 5921d924c..46aa4ae04 100644 --- a/.github/workflows/triage-stale.yml +++ b/.github/workflows/triage-stale.yml @@ -12,7 +12,7 @@ jobs: issues: write pull-requests: write steps: - - uses: actions/stale@v9 + - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # v9 with: operations-per-run: 250 days-before-issue-stale: -1