getsentry
diff --git a/‎.github/workflows/build.yml
Lines changed: 22 additions & 19 deletions b/‎.github/workflows/build.yml
Lines changed: 22 additions & 19 deletions
diff --git a/‎.github/workflows/ci.yml
Lines changed: 12 additions & 12 deletions b/‎.github/workflows/ci.yml
Lines changed: 12 additions & 12 deletions
diff --git a/‎.github/workflows/format-code.yml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/format-code.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/release.yml
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/release.yml
Lines changed: 2 additions & 2 deletions
diff --git a/‎.github/workflows/sdk.yml
Lines changed: 17 additions & 14 deletions b/‎.github/workflows/sdk.yml
Lines changed: 17 additions & 14 deletions
@@ -10,6 +10,9 @@ env:
   LOWEST_SUPPORTED_UNITY_VERSION: 2019
   DOTNET_CLI_TELEMETRY_OPTOUT: 1
   DOTNET_NOLOGO: 1
+  GITHUB_ACTOR: ${{ github.actor }}
+  GITHUB_SHA: ${{ github.sha }}
+  UNITY_VERSION: ${{ inputs.unity-version }}
 
 defaults:
   run:
@@ -21,19 +24,19 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
 
       - name: Checkout submodules
         run: git submodule update --init --recursive src/sentry-dotnet
 
       - name: Load env
         id: env
-        run: echo "unityVersion=$(./scripts/ci-env.ps1 "unity${{ inputs.unity-version }}")" >> $env:GITHUB_OUTPUT
+        run: echo "unityVersion=$(./scripts/ci-env.ps1 "unity${env:UNITY_VERSION}")" >> $env:GITHUB_OUTPUT
 
       - run: echo "::add-mask::${{ secrets.LICENSE_SERVER_URL }}"
 
       - name: Restore Unity Packages
-        uses: actions/cache@v3
+        uses: actions/cache@2f8e54208210a422b2efd51efaa6bd6d7ca8920f # v3
         with:
           path: |
             samples/unity-of-bugs/Library/Packages
@@ -44,41 +47,41 @@ jobs:
         uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # pinned v3
         with:
           registry: ghcr.io
-          username: ${{ github.actor }} 
-          password: ${{ secrets.GITHUB_TOKEN }} 
+          username: ${{ env.GITHUB_ACTOR }}
+          password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Start the Unity docker container
-        run: ./scripts/ci-docker.sh '${{ inputs.unity-version }}' 'ios' '${{ secrets.UNITY_LICENSE_SERVER_CONFIG }}'
+        run: ./scripts/ci-docker.sh "${UNITY_VERSION}" 'ios' '${{ secrets.UNITY_LICENSE_SERVER_CONFIG }}'
         shell: bash
 
       - name: Install .NET SDK
         if: runner.os != 'Windows'
-        uses: actions/setup-dotnet@v4
+        uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4
         with:
           global-json-file: src/sentry-dotnet/global.json
 
       - name: Install Android dotnet workflow
-        run: dotnet workload install android --temp-dir "${{ runner.temp }}"
+        run: dotnet workload install android --temp-dir "${env:RUNNER_TEMP}"
 
       - name: Download CLI
         run: ./scripts/download-sentry-cli.ps1
 
       - name: Download Android SDK
-        uses: vaind/download-artifact@e7141b6a94ef28aa3d828b52830cfa1f406a1848
+        uses: vaind/download-artifact@e7141b6a94ef28aa3d828b52830cfa1f406a1848 # v4-with-wait-timeout
         with:
           name: Android-sdk
           path: package-dev/Plugins/Android
           wait-timeout: 3600
 
       - name: Download Linux SDK
-        uses: vaind/download-artifact@e7141b6a94ef28aa3d828b52830cfa1f406a1848
+        uses: vaind/download-artifact@e7141b6a94ef28aa3d828b52830cfa1f406a1848 # v4-with-wait-timeout
         with:
           name: Linux-sdk
           path: package-dev/Plugins/Linux
           wait-timeout: 3600
 
       - name: Download Windows SDK
-        uses: vaind/download-artifact@e7141b6a94ef28aa3d828b52830cfa1f406a1848
+        uses: vaind/download-artifact@e7141b6a94ef28aa3d828b52830cfa1f406a1848 # v4-with-wait-timeout
         with:
           name: Windows-sdk
           path: package-dev/Plugins/Windows
@@ -97,16 +100,16 @@ jobs:
         run: docker exec unity /home/gh/.dotnet/tools/assemblyalias --target-directory "package-dev/Runtime" --internalize --prefix "Sentry." --assemblies-to-alias "Microsoft*;System*"
 
       - name: Package for release
-        if: ${{ inputs.unity-version == env.LOWEST_SUPPORTED_UNITY_VERSION }}
+        if: ${{ env.UNITY_VERSION == env.LOWEST_SUPPORTED_UNITY_VERSION }}
         run: |
           docker exec unity dotnet msbuild /t:UnityConfigureSentryOptions /p:Configuration=Release /p:OutDir=other src/Sentry.Unity
           ./scripts/pack.ps1
 
       - name: Upload release artifacts
-        uses: actions/upload-artifact@v4
-        if: ${{ inputs.unity-version == env.LOWEST_SUPPORTED_UNITY_VERSION }}
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
+        if: ${{ env.UNITY_VERSION == env.LOWEST_SUPPORTED_UNITY_VERSION }}
         with:
-          name: ${{ github.sha }}
+          name: ${{ env.GITHUB_SHA }}
           if-no-files-found: error
           path: |
             package-release.zip
@@ -117,16 +120,16 @@ jobs:
           docker exec unity dotnet msbuild /t:UnityPlayModeTest /p:Configuration=Release /p:OutDir=other test/Sentry.Unity.Tests
 
       - name: Upload test artifacts (playmode)
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
         with:
-          name: Test results (playmode) - ${{inputs.unity-version}}
+          name: Test results (playmode) - ${{ env.UNITY_VERSION }}
           path: artifacts/test/playmode
 
       - name: Run Unity tests (editmode)
         run: docker exec unity dotnet msbuild /t:UnityEditModeTest /p:Configuration=Release /p:OutDir=other test/Sentry.Unity.Editor.Tests
 
       - name: Upload test artifacts (editmode)
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
         with:
-          name: Test results (editmode) - ${{inputs.unity-version}}
+          name: Test results (editmode) - ${{ env.UNITY_VERSION }}
           path: artifacts/test/editmode
@@ -67,7 +67,7 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Download UPM package
-        uses: vaind/download-artifact@e7141b6a94ef28aa3d828b52830cfa1f406a1848
+        uses: vaind/download-artifact@e7141b6a94ef28aa3d828b52830cfa1f406a1848 # v4-with-wait-timeout
         with:
           name: ${{ github.sha }}
           wait-timeout: 3600
@@ -118,7 +118,7 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Free Disk Space (Ubuntu)
-        uses: jlumbroso/free-disk-space@f68fdb76e2ea636224182cfb7377ff9a1708f9b8
+        uses: jlumbroso/free-disk-space@f68fdb76e2ea636224182cfb7377ff9a1708f9b8 # v1.3.0
         with:
           android: true
           dotnet: false
@@ -149,18 +149,18 @@ jobs:
           docker exec --user root unity apt-get -y -q install mono-devel
 
       - name: Download IntegrationTest project
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4
         with:
           name: smoke-test-${{ matrix.unity-version }}
 
       - name: Extract project archive
         run: tar -xvzf test-project.tar.gz
 
       # - name: Build without Sentry SDK
-      #   run: ./test/Scripts.Integration.Test/build-project.ps1 -UnityPath "${{ env.UNITY_PATH }}" -Platform "${{ matrix.platform }}"
+      #   run: ./test/Scripts.Integration.Test/build-project.ps1 -UnityPath "${env:UNITY_PATH}" -Platform "${{ matrix.platform }}"
 
       - name: Download UPM package
-        uses: vaind/download-artifact@e7141b6a94ef28aa3d828b52830cfa1f406a1848
+        uses: vaind/download-artifact@e7141b6a94ef28aa3d828b52830cfa1f406a1848 # v4-with-wait-timeout
         with:
           name: ${{ github.sha }}
           wait-timeout: 3600
@@ -187,7 +187,7 @@ jobs:
 
       # Upload runtime initialization build
       - name: Upload test app
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
         with:
           name: testapp-${{ matrix.platform }}-${{ matrix.unity-version }}-runtime
           if-no-files-found: error
@@ -196,7 +196,7 @@ jobs:
 
       - name: Upload IntegrationTest project on failure
         if: ${{ failure() }}
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
         with:
           name: failed-project-${{ matrix.platform }}-${{ matrix.unity-version }}
           path: |
@@ -302,7 +302,7 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Download test app artifact
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4
         id: download
         with:
           name: testapp-${{ matrix.platform }}-${{ matrix.unity-version }}-runtime
@@ -345,7 +345,7 @@ jobs:
           #   unity-config-path: /Library/Application Support/Unity/config/
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
 
       - name: Load env
         id: env
@@ -365,18 +365,18 @@ jobs:
           Set-Content -Path '${{ matrix.unity-config-path }}services-config.json' -Value '${{ secrets.UNITY_LICENSE_SERVER_CONFIG }}'
 
       - name: Download IntegrationTest project
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4
         with:
           name: smoke-test-${{ matrix.unity-version }}
 
       - name: Extract project archive
         run: tar -xvzf test-project.tar.gz
 
       - name: Build without Sentry SDK
-        run: ./test/Scripts.Integration.Test/build-project.ps1 -UnityPath "${{ env.UNITY_PATH }}"
+        run: ./test/Scripts.Integration.Test/build-project.ps1 -UnityPath "${env:UNITY_PATH}"
 
       - name: Download UPM package
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4
         with:
           name: ${{ github.sha }}
 
 
@@ -8,7 +8,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
         with:
           submodules: recursive
 
 
@@ -25,13 +25,13 @@ jobs:
           private-key: ${{ secrets.SENTRY_RELEASE_BOT_PRIVATE_KEY }}
 
       - name: Check out current commit (${{ github.sha }})
-        uses: actions/checkout@v3
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
         with:
           token: ${{ steps.token.outputs.token }}
           fetch-depth: 0
 
       - name: Prepare release ${{ github.event.inputs.version }}
-        uses: getsentry/action-prepare-release@v1
+        uses: getsentry/action-prepare-release@3cea80dc3938c0baf5ec4ce752ecb311f8780cdc # v1
         env:
           GITHUB_TOKEN: ${{ steps.token.outputs.token }}
         with:
 
@@ -16,15 +16,18 @@ on:
 env:
   DOTNET_CLI_TELEMETRY_OPTOUT: 1
   DOTNET_NOLOGO: 1
+  TARGET: ${{ inputs.target }}
+  CONTAINER: ${{ inputs.container }}
+  RUNS_ON: ${{ inputs.runsOn }}
 
 jobs:
   build:
-    runs-on: ${{ inputs.runsOn }}
-    container: ${{ inputs.container }}
+    runs-on: ${{ env.RUNS_ON }}
+    container: ${{ env.CONTAINER }}
     timeout-minutes: 30
     steps:
       - name: Set up Git in container
-        if: ${{ inputs.container != '' }}
+        if: ${{ env.CONTAINER != '' }}
         # ubuntu:20.04 does not have git installed by default. Make it available
         # for actions/checkout to get a proper clone instead of downloading a
         # tarball using the GitHub REST API. This ensures that git submodule
@@ -40,13 +43,13 @@ jobs:
         env:
           DEBIAN_FRONTEND: noninteractive
 
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
 
       - name: Select submodules
         id: env
         shell: bash
         run: |
-          if [[ "${{ inputs.target }}" == "Android" ]]; then
+          if [[ "${TARGET}" == "Android" ]]; then
             submodules="modules/sentry-java"
           else
             submodules="modules/sentry-native"
@@ -58,22 +61,22 @@ jobs:
       - name: Get submodule status
         run: git submodule status --cached ${{ steps.env.outputs.submodules }} | tee submodules-status
 
-      - run: cp -r package-dev/Plugins/${{ inputs.target }} sdk-static || echo "never mind, no files checked in..."
+      - run: cp -r package-dev/Plugins/${TARGET} sdk-static || echo "never mind, no files checked in..."
         shell: bash
 
       - name: Restore from cache
-        uses: actions/cache@v3
+        uses: actions/cache@2f8e54208210a422b2efd51efaa6bd6d7ca8920f # v3
         id: cache
         with:
           # Note: native SDKs are cached and only built if the respective 'package-dev/Plugins/' directories are empty.
           # Output changes only depending on the git sha of the submodules
           # hash of package/package.json for cache busting on release builds (version bump)
           path: |
             package-dev/Plugins
-          key: sdk=${{ inputs.target }}-${{ hashFiles('submodules-status', 'package/package.json', 'Directory.Build.targets', 'sdk-static/**') }}
+          key: sdk=${{ env.TARGET }}-${{ hashFiles('submodules-status', 'package/package.json', 'Directory.Build.targets', 'sdk-static/**') }}
 
       - name: Installing Linux Dependencies
-        if: ${{ inputs.target == 'Linux' && steps.cache.outputs.cache-hit != 'true' }}
+        if: ${{ env.TARGET == 'Linux' && steps.cache.outputs.cache-hit != 'true' }}
         shell: bash
         run: |
           apt-get update
@@ -88,19 +91,19 @@ jobs:
         if: steps.cache.outputs.cache-hit != 'true'
         run: |
           git submodule update --init --recursive ${{ steps.env.outputs.submodules }}
-          dotnet msbuild /t:Build${{ inputs.target }}SDK /p:Configuration=Release /p:OutDir=other src/Sentry.Unity
+          dotnet msbuild /t:Build${TARGET}SDK /p:Configuration=Release /p:OutDir=other src/Sentry.Unity
 
       - name: Upload build logs on failure
         if: ${{ failure() }}
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
         with:
           path: ${{ steps.env.outputs.submodulesPath }}/build.log
           # Lower retention period - we only need this to retry CI.
           retention-days: 14
 
-      - uses: actions/upload-artifact@v4
+      - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
         with:
-          name: ${{ inputs.target }}-sdk
-          path: package-dev/Plugins/${{ inputs.target }}
+          name: ${{ env.TARGET }}-sdk
+          path: package-dev/Plugins/${{ env.TARGET }}
           # Lower retention period - we only need this to retry CI.
           retention-days: 14