From a2367aeb2b1ed177ccc722ef9091d2ca6652b820 Mon Sep 17 00:00:00 2001 From: asyncapi-bot Date: Fri, 5 Jun 2026 11:12:17 +0000 Subject: [PATCH 1/2] ci: update of files from global .github repo --- .github/workflows/if-nodejs-pr-testing.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/if-nodejs-pr-testing.yml b/.github/workflows/if-nodejs-pr-testing.yml index cef2b77..d9dd2a1 100644 --- a/.github/workflows/if-nodejs-pr-testing.yml +++ b/.github/workflows/if-nodejs-pr-testing.yml @@ -45,7 +45,7 @@ jobs: shell: bash - if: steps.should_run.outputs.shouldrun == 'true' name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: persist-credentials: false - if: steps.should_run.outputs.shouldrun == 'true' @@ -62,7 +62,7 @@ jobs: id: lockversion - if: steps.packagejson.outputs.exists == 'true' name: Setup Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: "${{ steps.lockversion.outputs.version }}" - if: steps.lockversion.outputs.version == '18' && matrix.os == 'windows-latest' From 74851b6f1687377cf74d9fdb4f0e93be0922bacf Mon Sep 17 00:00:00 2001 From: asyncapi-bot Date: Fri, 5 Jun 2026 11:13:26 +0000 Subject: [PATCH 2/2] ci: update of files from global .github repo --- .../workflows/add-good-first-issue-labels.yml | 4 +-- ...d-ready-to-merge-or-do-not-merge-label.yml | 12 +++---- .../automerge-for-humans-merging.yml | 4 +-- ...ns-remove-ready-to-merge-label-on-edit.yml | 3 +- .github/workflows/automerge-orphans.yml | 4 +-- .github/workflows/automerge.yml | 2 +- .github/workflows/bounty-program-commands.yml | 12 +++---- .github/workflows/help-command.yml | 8 ++--- .../workflows/issues-prs-notifications.yml | 6 ++-- .../workflows/microgrant-program-commands.yml | 12 +++---- .../workflows/notify-tsc-members-mention.yml | 36 +++++++++---------- .../workflows/please-take-a-look-command.yml | 4 +-- .github/workflows/release-announcements.yml | 6 ++-- .github/workflows/update-pr.yml | 4 +-- .../workflows/welcome-first-time-contrib.yml | 2 +- 15 files changed, 60 insertions(+), 59 deletions(-) diff --git a/.github/workflows/add-good-first-issue-labels.yml b/.github/workflows/add-good-first-issue-labels.yml index 5ba7a6a..6497461 100644 --- a/.github/workflows/add-good-first-issue-labels.yml +++ b/.github/workflows/add-good-first-issue-labels.yml @@ -14,13 +14,13 @@ permissions: {} jobs: add-labels: name: Add 'Good First Issue' and 'area/*' labels - if: ${{(!github.event.issue.pull_request && github.event.issue.state != 'closed' && github.actor != 'asyncapi-bot') && (contains(github.event.comment.body, '/good-first-issue') || contains(github.event.comment.body, '/gfi' ))}} + if: ${{(!github.event.issue.pull_request && github.event.issue.state != 'closed' && github.event.comment.user.login != 'asyncapi-bot') && (contains(github.event.comment.body, '/good-first-issue') || contains(github.event.comment.body, '/gfi' ))}} runs-on: ubuntu-latest permissions: issues: write # This is needed to add labels to issues. steps: - name: Add label - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 with: github-token: ${{ github.token }} script: | diff --git a/.github/workflows/automerge-for-humans-add-ready-to-merge-or-do-not-merge-label.yml b/.github/workflows/automerge-for-humans-add-ready-to-merge-or-do-not-merge-label.yml index 52d42f4..c823732 100644 --- a/.github/workflows/automerge-for-humans-add-ready-to-merge-or-do-not-merge-label.yml +++ b/.github/workflows/automerge-for-humans-add-ready-to-merge-or-do-not-merge-label.yml @@ -24,7 +24,7 @@ jobs: if: > github.event.issue.pull_request && github.event.issue.state != 'closed' && - github.actor != 'asyncapi-bot' && + github.event.comment.user.login != 'asyncapi-bot' && ( contains(github.event.comment.body, '/ready-to-merge') || contains(github.event.comment.body, '/rtm' ) @@ -33,7 +33,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Add ready-to-merge label - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 env: GITHUB_ACTOR: ${{ github.actor }} with: @@ -86,7 +86,7 @@ jobs: if: > github.event.issue.pull_request && github.event.issue.state != 'closed' && - github.actor != 'asyncapi-bot' && + github.event.comment.user.login != 'asyncapi-bot' && ( contains(github.event.comment.body, '/do-not-merge') || contains(github.event.comment.body, '/dnm' ) @@ -94,7 +94,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Add do-not-merge label - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 with: # Bot PAT so the `labeled` event can trigger downstream workflows. github-token: ${{ secrets.GH_TOKEN }} @@ -113,7 +113,7 @@ jobs: if: > github.event.issue.pull_request && github.event.issue.state != 'closed' && - github.actor != 'asyncapi-bot' && + github.event.comment.user.login != 'asyncapi-bot' && ( contains(github.event.comment.body, '/autoupdate') || contains(github.event.comment.body, '/au' ) @@ -121,7 +121,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Add autoupdate label - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 with: # Bot PAT so the `labeled` event can trigger the autoupdate workflow. github-token: ${{ secrets.GH_TOKEN }} diff --git a/.github/workflows/automerge-for-humans-merging.yml b/.github/workflows/automerge-for-humans-merging.yml index b47a551..c614111 100644 --- a/.github/workflows/automerge-for-humans-merging.yml +++ b/.github/workflows/automerge-for-humans-merging.yml @@ -32,7 +32,7 @@ jobs: steps: - name: Get PR authors id: authors - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 with: script: | // Get paginated list of all commits in the PR @@ -71,7 +71,7 @@ jobs: - name: Create commit message id: create-commit-message - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 env: AUTHORS_JSON: ${{ steps.authors.outputs.result }} with: diff --git a/.github/workflows/automerge-for-humans-remove-ready-to-merge-label-on-edit.yml b/.github/workflows/automerge-for-humans-remove-ready-to-merge-label-on-edit.yml index d31ed82..807f966 100644 --- a/.github/workflows/automerge-for-humans-remove-ready-to-merge-label-on-edit.yml +++ b/.github/workflows/automerge-for-humans-remove-ready-to-merge-label-on-edit.yml @@ -18,10 +18,11 @@ jobs: name: Remove ready-to-merge label runs-on: ubuntu-latest permissions: + issues: write # required to remove labels and post comments on PR issues pull-requests: write # required to remove labels and post comments on PR issues steps: - name: Remove label - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 with: github-token: ${{ github.token }} script: | diff --git a/.github/workflows/automerge-orphans.yml b/.github/workflows/automerge-orphans.yml index cda0740..eecf68f 100644 --- a/.github/workflows/automerge-orphans.yml +++ b/.github/workflows/automerge-orphans.yml @@ -19,11 +19,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: persist-credentials: false - name: Get list of orphans - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 id: orphans with: github-token: ${{ github.token }} diff --git a/.github/workflows/automerge.yml b/.github/workflows/automerge.yml index e81c003..628ea0d 100644 --- a/.github/workflows/automerge.yml +++ b/.github/workflows/automerge.yml @@ -26,7 +26,7 @@ jobs: github-token: "${{ secrets.GH_TOKEN_BOT_EVE }}" - name: Label autoapproved - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 with: github-token: ${{ secrets.GH_TOKEN }} script: | diff --git a/.github/workflows/bounty-program-commands.yml b/.github/workflows/bounty-program-commands.yml index 3447c2e..475c26e 100644 --- a/.github/workflows/bounty-program-commands.yml +++ b/.github/workflows/bounty-program-commands.yml @@ -29,7 +29,7 @@ jobs: issues: write # required to post a comment on the issue/PR pull-requests: write # required to post a comment on the issue/PR if it's a PR if: > - !contains(fromJSON('["aeworxet","thulieblack"]'), github.actor) && + !contains(fromJSON('["aeworxet","thulieblack"]'), github.event.comment.user.login) && ( startsWith(github.event.comment.body, '/bounty' ) ) @@ -38,7 +38,7 @@ jobs: steps: - name: ❌ @${{github.actor}} made an unauthorized attempt to use a Bounty Program's command - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 env: ACTOR: ${{ github.actor }} with: @@ -61,7 +61,7 @@ jobs: issues: write # required to read/create labels and add labels on the issue/PR pull-requests: write # required to read/create labels and add labels on the issue/PR if: > - contains(fromJSON('["aeworxet","thulieblack"]'), github.actor) && + contains(fromJSON('["aeworxet","thulieblack"]'), github.event.comment.user.login) && ( startsWith(github.event.comment.body, '/bounty' ) ) @@ -69,7 +69,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Add label `bounty` - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 with: github-token: ${{ github.token }} script: | @@ -105,14 +105,14 @@ jobs: issues: write # required to read/remove labels on the issue/PR pull-requests: write # required to read/remove labels on the issue/PR if it's a PR if: > - contains(fromJSON('["aeworxet","thulieblack"]'), github.actor) && + contains(fromJSON('["aeworxet","thulieblack"]'), github.event.comment.user.login) && ( startsWith(github.event.comment.body, '/unbounty' ) ) runs-on: ubuntu-latest steps: - name: Remove label `bounty` - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 with: github-token: ${{ github.token }} script: | diff --git a/.github/workflows/help-command.yml b/.github/workflows/help-command.yml index 6fe1a13..1e84bba 100644 --- a/.github/workflows/help-command.yml +++ b/.github/workflows/help-command.yml @@ -13,13 +13,13 @@ permissions: {} jobs: create_help_comment_pr: name: Help Comment in PR - if: ${{ github.event.issue.pull_request && startsWith(github.event.comment.body, '/help') && github.actor != 'asyncapi-bot' }} + if: ${{ github.event.issue.pull_request && startsWith(github.event.comment.body, '/help') && github.event.comment.user.login != 'asyncapi-bot' }} runs-on: ubuntu-latest permissions: pull-requests: write # To comment on Pull requests steps: - name: Add comment to PR - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 env: ACTOR: ${{ github.actor }} with: @@ -47,13 +47,13 @@ jobs: create_help_comment_issue: name: Help Comment in Issue - if: ${{ !github.event.issue.pull_request && startsWith(github.event.comment.body, '/help') && github.actor != 'asyncapi-bot' }} + if: ${{ !github.event.issue.pull_request && startsWith(github.event.comment.body, '/help') && github.event.comment.user.login != 'asyncapi-bot' }} runs-on: ubuntu-latest permissions: issues: write # To comment on Issues steps: - name: Add comment to Issue - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 env: ACTOR: ${{ github.actor }} with: diff --git a/.github/workflows/issues-prs-notifications.yml b/.github/workflows/issues-prs-notifications.yml index 1e3b616..1b84d0b 100644 --- a/.github/workflows/issues-prs-notifications.yml +++ b/.github/workflows/issues-prs-notifications.yml @@ -18,7 +18,7 @@ permissions: {} jobs: issue: - if: github.event_name == 'issues' && github.actor != 'asyncapi-bot' && github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]' + if: github.event_name == 'issues' && github.event.issue.user.login != 'asyncapi-bot' && github.event.issue.user.login != 'dependabot[bot]' && github.event.issue.user.login != 'dependabot-preview[bot]' name: Notify slack on every new issue runs-on: ubuntu-latest steps: @@ -41,7 +41,7 @@ jobs: MSG_MINIMAL: true pull_request: - if: github.event_name == 'pull_request_target' && github.actor != 'asyncapi-bot' && github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]' + if: github.event_name == 'pull_request_target' && github.event.pull_request.user.login != 'asyncapi-bot' && github.event.pull_request.user.login != 'dependabot[bot]' && github.event.pull_request.user.login != 'dependabot-preview[bot]' name: Notify slack on every new pull request runs-on: ubuntu-latest steps: @@ -64,7 +64,7 @@ jobs: MSG_MINIMAL: true discussion: - if: github.event_name == 'discussion' && github.actor != 'asyncapi-bot' && github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]' + if: github.event_name == 'discussion' && github.event.discussion.user.login != 'asyncapi-bot' && github.event.discussion.user.login != 'dependabot[bot]' && github.event.discussion.user.login != 'dependabot-preview[bot]' name: Notify slack on every new pull request runs-on: ubuntu-latest steps: diff --git a/.github/workflows/microgrant-program-commands.yml b/.github/workflows/microgrant-program-commands.yml index 75e39e8..fce4f56 100644 --- a/.github/workflows/microgrant-program-commands.yml +++ b/.github/workflows/microgrant-program-commands.yml @@ -29,7 +29,7 @@ jobs: issues: write # required to post a comment on the issue/PR pull-requests: write # required to post a comment on the issue/PR if it's a PR if: > - !contains(fromJSON('["aeworxet","thulieblack"]'), github.actor) && + !contains(fromJSON('["aeworxet","thulieblack"]'), github.event.comment.user.login) && github.event.comment && ( github.event.comment.body == '/microgrant' || github.event.comment.body == '/unmicrogrant' @@ -39,7 +39,7 @@ jobs: steps: - name: ❌ @${{github.actor}} made an unauthorized attempt to use a Microgrant Program's command - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 env: ACTOR: ${{ github.actor }} with: @@ -62,7 +62,7 @@ jobs: issues: write # required to read/create labels and add labels on the issue/PR pull-requests: write # required to read/create labels and add labels on the issue/PR if: > - contains(fromJSON('["aeworxet","thulieblack"]'), github.actor) && + contains(fromJSON('["aeworxet","thulieblack"]'), github.event.comment.user.login) && ( github.event.comment.body == '/microgrant' ) @@ -70,7 +70,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Add label `microgrant` - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 with: github-token: ${{ github.token }} script: | @@ -107,14 +107,14 @@ jobs: issues: write # required to read/remove labels on the issue/PR pull-requests: write # required to read/remove labels on the issue/PR if it's a PR if: > - contains(fromJSON('["aeworxet","thulieblack"]'), github.actor) && + contains(fromJSON('["aeworxet","thulieblack"]'), github.event.comment.user.login) && ( github.event.comment.body == '/unmicrogrant' ) runs-on: ubuntu-latest steps: - name: Remove label `microgrant` - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 with: github-token: ${{ github.token }} script: | diff --git a/.github/workflows/notify-tsc-members-mention.yml b/.github/workflows/notify-tsc-members-mention.yml index d5a945a..1921a63 100644 --- a/.github/workflows/notify-tsc-members-mention.yml +++ b/.github/workflows/notify-tsc-members-mention.yml @@ -34,11 +34,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: persist-credentials: false - name: Setup Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: 20 cache: 'npm' @@ -66,7 +66,7 @@ jobs: run: npm install working-directory: ./.github/workflows/scripts/kit - name: Send email with Kit.com - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 env: KIT_API_KEY: ${{ secrets.KIT_API_KEY }} KIT_TSC_TAG_ID: ${{ secrets.KIT_TSC_TAG_ID }} @@ -83,11 +83,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: persist-credentials: false - name: Setup Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: 20 cache: 'npm' @@ -115,7 +115,7 @@ jobs: run: npm install working-directory: ./.github/workflows/scripts/kit - name: Send email with Kit.com - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 env: KIT_API_KEY: ${{ secrets.KIT_API_KEY }} KIT_TSC_TAG_ID: ${{ secrets.KIT_TSC_TAG_ID }} @@ -132,11 +132,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: persist-credentials: false - name: Setup Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: 20 cache: 'npm' @@ -164,7 +164,7 @@ jobs: run: npm install working-directory: ./.github/workflows/scripts/kit - name: Send email with Kit.com - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 env: KIT_API_KEY: ${{ secrets.KIT_API_KEY }} KIT_TSC_TAG_ID: ${{ secrets.KIT_TSC_TAG_ID }} @@ -181,11 +181,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: persist-credentials: false - name: Setup Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: 20 cache: 'npm' @@ -213,7 +213,7 @@ jobs: run: npm install working-directory: ./.github/workflows/scripts/kit - name: Send email with Kit.com - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 env: KIT_API_KEY: ${{ secrets.KIT_API_KEY }} KIT_TSC_TAG_ID: ${{ secrets.KIT_TSC_TAG_ID }} @@ -230,11 +230,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: persist-credentials: false - name: Setup Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: 20 cache: 'npm' @@ -262,7 +262,7 @@ jobs: run: npm install working-directory: ./.github/workflows/scripts/kit - name: Send email with Kit.com - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 env: KIT_API_KEY: ${{ secrets.KIT_API_KEY }} KIT_TSC_TAG_ID: ${{ secrets.KIT_TSC_TAG_ID }} @@ -279,11 +279,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: persist-credentials: false - name: Setup Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: 20 cache: 'npm' @@ -311,7 +311,7 @@ jobs: run: npm install working-directory: ./.github/workflows/scripts/kit - name: Send email with Kit.com - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 env: KIT_API_KEY: ${{ secrets.KIT_API_KEY }} KIT_TSC_TAG_ID: ${{ secrets.KIT_TSC_TAG_ID }} diff --git a/.github/workflows/please-take-a-look-command.yml b/.github/workflows/please-take-a-look-command.yml index 30a6938..7739986 100644 --- a/.github/workflows/please-take-a-look-command.yml +++ b/.github/workflows/please-take-a-look-command.yml @@ -18,7 +18,7 @@ jobs: if: > github.event.issue.pull_request && github.event.issue.state != 'closed' && - github.actor != 'asyncapi-bot' && + github.event.comment.user.login != 'asyncapi-bot' && ( contains(github.event.comment.body, '/please-take-a-look') || contains(github.event.comment.body, '/ptal') || @@ -28,7 +28,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check for Please Take a Look Command - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 with: github-token: ${{ secrets.GH_TOKEN }} script: | diff --git a/.github/workflows/release-announcements.yml b/.github/workflows/release-announcements.yml index b521d39..d3d5b91 100644 --- a/.github/workflows/release-announcements.yml +++ b/.github/workflows/release-announcements.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: persist-credentials: false - name: Convert markdown to slack markdown for issue @@ -46,11 +46,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repo - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: persist-credentials: false - name: Get version of last and previous release - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 id: versions with: github-token: ${{ github.token }} diff --git a/.github/workflows/update-pr.yml b/.github/workflows/update-pr.yml index 285c02d..ae72239 100644 --- a/.github/workflows/update-pr.yml +++ b/.github/workflows/update-pr.yml @@ -34,7 +34,7 @@ jobs: steps: - name: Get Pull Request Details id: pr - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 with: github-token: ${{ secrets.GH_TOKEN || github.token }} previews: 'merge-info-preview' # https://docs.github.com/en/graphql/overview/schema-previews#merge-info-preview-more-detailed-information-about-a-pull-requests-merge-state-preview @@ -61,7 +61,7 @@ jobs: } - name: Update the Pull Request if: steps.pr.outputs.updateable == 'true' - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 env: PR_DETAILS: ${{ steps.pr.outputs.result }} with: diff --git a/.github/workflows/welcome-first-time-contrib.yml b/.github/workflows/welcome-first-time-contrib.yml index 49c761b..0d498aa 100644 --- a/.github/workflows/welcome-first-time-contrib.yml +++ b/.github/workflows/welcome-first-time-contrib.yml @@ -25,7 +25,7 @@ jobs: issues: write # Required to post welcome message on issues pull-requests: write # Required to post welcome message on pull requests steps: - - uses: actions/github-script@v7 + - uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 with: github-token: ${{ github.token }} script: |