diff --git a/.github/actions/install-tool/action.yaml b/.github/actions/install-tool/action.yaml index 69853cad..bf99da6a 100644 --- a/.github/actions/install-tool/action.yaml +++ b/.github/actions/install-tool/action.yaml @@ -16,7 +16,7 @@ runs: using: composite steps: - name: Install PHP-CS-Fixer - uses: ramsey/composer-install@v2 + uses: ramsey/composer-install@1919f6c305aea6ab10e6181a8ddf72317ad77e0e # 2.3.1 with: working-directory: 'vendor-bin/${{ inputs.vendor-bin-tool }}' diff --git a/.github/actions/install-vendor/action.yaml b/.github/actions/install-vendor/action.yaml index e6bb4fdd..6bb0c010 100644 --- a/.github/actions/install-vendor/action.yaml +++ b/.github/actions/install-vendor/action.yaml @@ -20,6 +20,6 @@ runs: shell: sh - name: Install Composer dependencies - uses: ramsey/composer-install@v2 + uses: ramsey/composer-install@1919f6c305aea6ab10e6181a8ddf72317ad77e0e # 2.3.1 with: - dependency-versions: ${{ inputs.dependency-versions }} \ No newline at end of file + dependency-versions: ${{ inputs.dependency-versions }} diff --git a/.github/workflows/composer-root-version.yaml b/.github/workflows/composer-root-version.yaml index 1f9683fe..73578a63 100644 --- a/.github/workflows/composer-root-version.yaml +++ b/.github/workflows/composer-root-version.yaml @@ -19,10 +19,10 @@ jobs: name: Lint CS steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Setup PHP - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # 2.36.0 with: php-version: '8.2' tools: composer @@ -41,7 +41,7 @@ jobs: makefile-command: php_cs_fixer_install - name: Install the Composer dependencies - uses: ramsey/composer-install@v3 + uses: ramsey/composer-install@3cf229dc2919194e9e36783941438d17239e8520 # 3.1.1 with: working-directory: 'composer-root-version-checker' @@ -58,16 +58,16 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Setup PHP - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # 2.36.0 with: php-version: "${{ matrix.php }}" tools: composer - name: Install the Composer dependencies - uses: ramsey/composer-install@v3 + uses: ramsey/composer-install@3cf229dc2919194e9e36783941438d17239e8520 # 3.1.1 with: working-directory: 'composer-root-version-checker' @@ -99,21 +99,21 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: ref: ${{ github.head_ref }} fetch-depth: '0' # Ensures the tags are fetched token: ${{ secrets.GITHUB_TOKEN }} - name: Setup PHP - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # 2.36.0 with: php-version: '8.3' tools: composer coverage: none - name: Install the Composer dependencies - uses: ramsey/composer-install@v3 + uses: ramsey/composer-install@3cf229dc2919194e9e36783941438d17239e8520 # 3.1.1 with: working-directory: 'composer-root-version-checker' @@ -132,7 +132,7 @@ jobs: - name: Create Pull Request if: env.composer_root_version_changed == 'true' - uses: peter-evans/create-pull-request@v8 + uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725 # v8.0.0 with: token: ${{ secrets.GITHUB_TOKEN }} branch-suffix: random diff --git a/.github/workflows/e2e-tests.yaml b/.github/workflows/e2e-tests.yaml index 6a60ab3a..367f2d79 100644 --- a/.github/workflows/e2e-tests.yaml +++ b/.github/workflows/e2e-tests.yaml @@ -27,12 +27,12 @@ jobs: - '8.3' steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 - name: Setup PHP - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # 2.36.0 with: php-version: ${{ matrix.php }} ini-values: phar.readonly=0 @@ -49,7 +49,7 @@ jobs: - name: Ensure the PHAR works run: bin/php-scoper.phar --version - - uses: actions/upload-artifact@v6 + - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 name: Upload the PHAR artifact with: name: php-scoper-phar-${{ matrix.php }} @@ -102,12 +102,12 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 - name: Setup PHP - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # 2.36.0 with: php-version: ${{ matrix.php }} ini-values: phar.readonly=0 @@ -121,7 +121,7 @@ jobs: uses: ./.github/actions/install-vendor - name: Retrieve built PHAR - uses: actions/download-artifact@v7 + uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.037930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 with: name: php-scoper-phar-${{ matrix.php }} path: bin @@ -165,13 +165,13 @@ jobs: steps: - name: Checkout PHPUnit code - uses: actions/checkout@v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: repository: 'sebastianbergmann/phpunit' - name: Install PHP with extensions - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # 2.36.0 with: php-version: ${{ matrix.php-version }} coverage: ${{ matrix.coverage }} @@ -180,13 +180,13 @@ jobs: tools: none - name: Install java - uses: actions/setup-java@v5 + uses: actions/setup-java@f2beeb24e141e01a676f977032f5a29d81c9e27e # v5.1.0 with: distribution: zulu java-version: 11 - name: Retrieve built PHP-Scoper PHAR - uses: actions/download-artifact@v7 + uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.037930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 with: name: php-scoper-phar-${{ matrix.php-version }} path: bin diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 4077acbd..65fa254c 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -19,10 +19,10 @@ jobs: name: CS steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Setup PHP - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # 2.36.0 with: php-version: '8.2' tools: composer @@ -43,10 +43,10 @@ jobs: name: PHPStan steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Setup PHP - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # 2.36.0 with: php-version: '8.3' tools: composer @@ -67,10 +67,10 @@ jobs: name: Rector steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Setup PHP - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # 2.36.0 with: php-version: '8.2' tools: composer diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index f041e4d1..9ceeb659 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -25,12 +25,12 @@ jobs: name: Build PHAR steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 - name: Setup PHP - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # 2.36.0 with: php-version: '8.2' ini-values: phar.readonly=0 @@ -52,7 +52,7 @@ jobs: - name: Import GPG key if: github.event_name == 'release' - uses: crazy-max/ghaction-import-gpg@v6 + uses: crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec # v6.3.0 with: gpg_private_key: ${{ secrets.GPG_KEY_74A754C9778AA03AA451D1C1A000F927D67184EE }} passphrase: ${{ secrets.GPG_KEY_74A754C9778AA03AA451D1C1A000F927D67184EE_PASSPHRASE }} @@ -69,7 +69,7 @@ jobs: bin/php-scoper.phar - name: Upload the PHAR artifact - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: php-scoper-phar path: | @@ -85,13 +85,13 @@ jobs: permissions: contents: write steps: - - uses: actions/download-artifact@v7 + - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 with: name: php-scoper-phar path: . - name: Upload php-scoper.phar - uses: softprops/action-gh-release@v2 + uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2.5.0 with: token: ${{ secrets.GITHUB_TOKEN }} files: | @@ -105,14 +105,14 @@ jobs: - build-phar steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Setup PHP - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # 2.36.0 with: php-version: '8.2' - - uses: actions/download-artifact@v7 + - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 with: name: php-scoper-phar path: . @@ -126,14 +126,14 @@ jobs: ./bin/php-scoper.phar --ansi --version - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Login to Docker Container Registry if: github.event_name == 'release' - uses: docker/login-action@v3 + uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: username: ${{ env.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} @@ -153,7 +153,7 @@ jobs: - name: Login to GitHub Container Registry if: github.event_name != 'release' - uses: docker/login-action@v3 + uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: registry: ghcr.io username: ${{ github.actor }} @@ -166,7 +166,7 @@ jobs: echo "DOCKER_TEST_TAG=ghcr.io/humbugphp/php-scoper" >> $GITHUB_ENV - name: Build and export to Docker - uses: docker/build-push-action@v6 + uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 with: context: . file: ${{ env.DOCKERFILE }} @@ -179,7 +179,7 @@ jobs: - name: Build and push if: github.event_name == 'release' - uses: docker/build-push-action@v6 + uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 with: context: . file: ${{ env.DOCKERFILE }} diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml index eeb41e98..46566563 100644 --- a/.github/workflows/security.yaml +++ b/.github/workflows/security.yaml @@ -21,16 +21,16 @@ jobs: name: Check Dependencies steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 - name: Cache the vulnerability database - uses: actions/cache@v5 + uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 id: cache-db with: path: ~/.symfony/cache key: db - name: Checks dependencies for known vulnerabilities - uses: symfonycorp/security-checker-action@v5 + uses: symfonycorp/security-checker-action@258311ef7ac571f1310780ef3d79fc5abef642b5 # v5 diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml index 2e51fab3..0b90fc45 100644 --- a/.github/workflows/tests.yaml +++ b/.github/workflows/tests.yaml @@ -22,19 +22,19 @@ jobs: if: github.event_name != 'release' && github.event.action != 'created' steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 - name: Setup PHP - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # 2.36.0 with: php-version: '8.3' tools: composer coverage: none - name: Install Composer dependencies - uses: ramsey/composer-install@v3 + uses: ramsey/composer-install@3cf229dc2919194e9e36783941438d17239e8520 # 3.1.1 with: working-directory: 'composer-root-version-checker' @@ -46,12 +46,12 @@ jobs: name: Check the Composer package steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 - name: Setup PHP - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # 2.36.0 with: php-version: '8.3' tools: composer @@ -75,7 +75,7 @@ jobs: - '7.*.*' steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 @@ -84,7 +84,7 @@ jobs: run: echo "SYMFONY_REQUIRE=${{ matrix.symfony }}" >> $GITHUB_ENV - name: Setup PHP - uses: shivammathur/setup-php@v2 + uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # 2.36.0 with: php-version: ${{ matrix.php }} tools: composer, flex