From f2cf63b3b01fc2af92ca9e23de17fb04cfa55018 Mon Sep 17 00:00:00 2001 From: slawomirbabicz <111378977+slawomirbabicz@users.noreply.github.com> Date: Wed, 8 Apr 2026 16:42:05 +0200 Subject: [PATCH 1/7] chore: pin actions to SHA in .github/workflows/fmt.yml --- .github/workflows/fmt.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/fmt.yml b/.github/workflows/fmt.yml index 31f46b38..aeb24704 100644 --- a/.github/workflows/fmt.yml +++ b/.github/workflows/fmt.yml @@ -11,10 +11,10 @@ jobs: os: [ubuntu-latest] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - name: Cache Cargo - uses: actions/cache@v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: path: | ~/.cargo/registry From 15046a27b5902d7c414ede6420a1917d7fb7d3b0 Mon Sep 17 00:00:00 2001 From: slawomirbabicz <111378977+slawomirbabicz@users.noreply.github.com> Date: Wed, 8 Apr 2026 16:42:07 +0200 Subject: [PATCH 2/7] chore: pin actions to SHA in .github/workflows/lint.yml --- .github/workflows/lint.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 46a3a2d0..f2e5b168 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -11,9 +11,9 @@ jobs: os: [ubuntu-latest] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - - uses: actions/cache@v4 + - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: path: | ~/.cargo/registry @@ -21,7 +21,7 @@ jobs: target key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} - - uses: taiki-e/install-action@v2 + - uses: taiki-e/install-action@80e6af7a2ec7f280fffe2d0a9d3a12a9d11d86e9 # v2.75.1 with: tool: cargo-hack@0.6.21,cargo-docs-rs@1.0.0 From c92395cffff6d4f407a6f877f85d147684fa8d3e Mon Sep 17 00:00:00 2001 From: slawomirbabicz <111378977+slawomirbabicz@users.noreply.github.com> Date: Wed, 8 Apr 2026 16:42:08 +0200 Subject: [PATCH 3/7] chore: pin actions to SHA in .github/workflows/netlify.yml --- .github/workflows/netlify.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/netlify.yml b/.github/workflows/netlify.yml index 1f222253..56c0e179 100644 --- a/.github/workflows/netlify.yml +++ b/.github/workflows/netlify.yml @@ -11,9 +11,9 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - - uses: actions/cache@v4 + - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: path: | ~/.cargo/registry @@ -33,7 +33,7 @@ jobs: - if: github.ref == 'refs/heads/main' name: Deploy to Netlify (main only) - uses: South-Paw/action-netlify-deploy@v1.0.4 + uses: South-Paw/action-netlify-deploy@84b8cef9dab187f588f7f0be6f9affdb760b2ee1 # v1.0.4 with: github-token: ${{ secrets.GITHUB_TOKEN }} netlify-auth-token: ${{ secrets.NETLIFY_AUTH_TOKEN }} @@ -53,7 +53,7 @@ jobs: - if: github.ref != 'refs/heads/main' name: Commenting on PR - uses: unsplash/comment-on-pr@v1.2.0 + uses: unsplash/comment-on-pr@d1a1d5dd1eb1bb657a01f4d92dd5e4d5bb7857d3 # v1.2.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: From 8138ba872c14422374b0a4bc8eb69c42b81a4bcd Mon Sep 17 00:00:00 2001 From: slawomirbabicz <111378977+slawomirbabicz@users.noreply.github.com> Date: Wed, 8 Apr 2026 16:42:10 +0200 Subject: [PATCH 4/7] chore: pin actions to SHA in .github/workflows/publish.yml --- .github/workflows/publish.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 79996adb..cf64b086 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -7,8 +7,8 @@ jobs: permissions: id-token: write steps: - - uses: actions/checkout@v6 - - uses: rust-lang/crates-io-auth-action@v1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: rust-lang/crates-io-auth-action@b7e9a28eded4986ec6b1fa40eeee8f8f165559ec # v1 id: auth - run: | cargo publish -p ic-transport-types From 59d92f0a0f954f7aa7f9b7e584ab0edb9d47ca35 Mon Sep 17 00:00:00 2001 From: slawomirbabicz <111378977+slawomirbabicz@users.noreply.github.com> Date: Wed, 8 Apr 2026 16:42:12 +0200 Subject: [PATCH 5/7] chore: pin actions to SHA in .github/workflows/release.yml --- .github/workflows/release.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ca0abcad..aebe0583 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -25,8 +25,8 @@ jobs: binary_path: target/x86_64-apple-darwin/release binary_files: icx steps: - - uses: actions/checkout@v4 - - uses: taiki-e/install-action@v2 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 + - uses: taiki-e/install-action@80e6af7a2ec7f280fffe2d0a9d3a12a9d11d86e9 # v2.75.1 with: tool: cross@0.2.5 @@ -62,7 +62,7 @@ jobs: - name: Upload tarball if: ${{ github.event_name == 'push' }} - uses: svenstaro/upload-release-action@v2 + uses: svenstaro/upload-release-action@29e53e917877a24fad85510ded594ab3c9ca12de # 2.11.5 with: repo_token: ${{ secrets.GITHUB_TOKEN }} file: binaries.tar.gz From edfae53c3324f6d410d5abc6b8d6c5dcb594cd88 Mon Sep 17 00:00:00 2001 From: slawomirbabicz <111378977+slawomirbabicz@users.noreply.github.com> Date: Wed, 8 Apr 2026 16:42:13 +0200 Subject: [PATCH 6/7] chore: pin actions to SHA in .github/workflows/shellcheck.yml --- .github/workflows/shellcheck.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml index 840bc53e..98f26b60 100644 --- a/.github/workflows/shellcheck.yml +++ b/.github/workflows/shellcheck.yml @@ -16,7 +16,7 @@ jobs: # ubuntu-latest has shellcheck 0.4.6, while macos-12 has 0.7.1 runs-on: macos-15-intel steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - name: Install shellcheck run: | mkdir $HOME/bin From a500f8210a967bb498254a57f9e8b64596148480 Mon Sep 17 00:00:00 2001 From: slawomirbabicz <111378977+slawomirbabicz@users.noreply.github.com> Date: Wed, 8 Apr 2026 16:42:15 +0200 Subject: [PATCH 7/7] chore: pin actions to SHA in .github/workflows/test.yml --- .github/workflows/test.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 0d867048..312be186 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -15,9 +15,9 @@ jobs: os: [ubuntu-latest, macos-latest, windows-latest] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - - uses: actions/cache@v4 + - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: path: | ~/.cargo/registry @@ -33,7 +33,7 @@ jobs: - name: Install node for SoftHSM tests if: ${{ matrix.os == 'ubuntu-latest' }} - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 with: node-version: 20