Skip to content

Commit 285cf07

Browse files
julien-carsique-sonarsourcejulien-carsique-sonarsource
committed
BUILD-9877 pin external action versions
actions/checkout v5.0.0 actions/setup-python v5.6.0
1 parent 4a17880 commit 285cf07

File tree

2 files changed

+14
-14
lines changed

2 files changed

+14
-14
lines changed

.cursor/cirrus-github-migration.md

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -73,7 +73,7 @@ Update this section when newer versions are released:
7373

7474
#### Core GitHub Actions
7575

76-
- [ ] `actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8`
76+
- [ ] `actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0`
7777
- [ ] `actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2`
7878
- [ ] `actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0`
7979

@@ -394,7 +394,7 @@ build_task:
394394
jobs:
395395
build:
396396
steps:
397-
- uses: actions/checkout@v4
397+
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
398398
399399
# Step 1: Retrieve secrets from Vault
400400
- name: Vault
@@ -951,7 +951,7 @@ jobs:
951951
build:
952952
runs-on: github-ubuntu-latest-s
953953
steps:
954-
- uses: actions/checkout@v4
954+
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
955955
- run: echo "Custom GitHub-hosted runner"
956956
```
957957

@@ -977,7 +977,7 @@ jobs:
977977
build:
978978
runs-on: sonar-m
979979
steps:
980-
- uses: actions/checkout@v4
980+
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
981981
- run: echo "Private self-hosted (new generation)"
982982
```
983983

@@ -1192,7 +1192,7 @@ permissions:
11921192

11931193
Standard order:
11941194

1195-
1. `actions/checkout@v4`
1195+
1. `actions/checkout`
11961196
2. `jdx/mise-action` (tool setup)
11971197
3. Build action (`build-maven@v1`, etc.)
11981198
4. `promote@v1` (promote job only)

README.md

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -153,7 +153,7 @@ permissions:
153153
id-token: write
154154
contents: write
155155
steps:
156-
- uses: actions/checkout@v5
156+
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
157157
- uses: SonarSource/ci-github-actions/config-maven@v1
158158
- run: mvn verify
159159
```
@@ -254,7 +254,7 @@ permissions:
254254
id-token: write
255255
contents: write
256256
steps:
257-
- uses: actions/checkout@v5
257+
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
258258
- uses: SonarSource/ci-github-actions/config-maven@v1
259259
- uses: SonarSource/ci-github-actions/build-maven@v1
260260
```
@@ -363,7 +363,7 @@ jobs:
363363
id-token: write
364364
contents: write
365365
steps:
366-
- uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
366+
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
367367
- uses: SonarSource/ci-github-actions/build-poetry@v1
368368
with:
369369
public: false # Defaults to `true` if the repository is public
@@ -471,7 +471,7 @@ permissions:
471471
id-token: write
472472
contents: write
473473
steps:
474-
- uses: actions/checkout@v5
474+
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
475475
- uses: SonarSource/ci-github-actions/config-gradle@v1
476476
- run: ./gradlew build
477477
```
@@ -594,7 +594,7 @@ jobs:
594594
id-token: write
595595
contents: write
596596
steps:
597-
- uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
597+
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
598598
- uses: SonarSource/ci-github-actions/build-gradle@v1
599599
with:
600600
# Enable shadow scans for unified platform dogfooding (optional)
@@ -890,7 +890,7 @@ jobs:
890890
id-token: write
891891
contents: write
892892
steps:
893-
- uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
893+
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
894894
- uses: SonarSource/ci-github-actions/build-npm@v1
895895
with:
896896
# Enable shadow scans for unified platform dogfooding (optional)
@@ -1004,7 +1004,7 @@ jobs:
10041004
id-token: write
10051005
contents: write
10061006
steps:
1007-
- uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
1007+
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
10081008
- uses: SonarSource/ci-github-actions/build-yarn@v1
10091009
with:
10101010
# Enable shadow scans for unified platform dogfooding (optional)
@@ -1086,8 +1086,8 @@ permissions:
10861086
id-token: write
10871087
contents: read
10881088
steps:
1089-
- uses: actions/checkout@v5
1090-
- uses: actions/setup-python@v5
1089+
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
1090+
- uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
10911091
with:
10921092
python-version: 3.12
10931093
- uses: SonarSource/ci-github-actions/config-pip@v1

0 commit comments

Comments
 (0)