
Commit 408fdef

Pin dependencies
1 parent 5e4b34c commit 408fdef


6 files changed

+108
-108
lines changed


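--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -15,7 +15,7 @@ jobs:
 outputs:
 docker-tag: ${{ steps.meta.outputs.version }}
 steps:
-- uses: actions/checkout@v4
+- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
 with:
 # required for changesets
 fetch-depth: '0'
@@ -24,7 +24,7 @@ jobs:
 persist-credentials: false
 
 - name: Setup Node.js
-uses: actions/setup-node@v4
+uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4
 with:
 node-version: 'lts/*'
 cache: 'yarn'
@@ -57,18 +57,18 @@ jobs:
 run: yarn generate-disclaimer
 
 - name: Login to ghcr.io
-uses: docker/login-action@v3
+uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3
 with:
 registry: ghcr.io
 username: ${{ github.repository_owner }}
 password: ${{ secrets.GITHUB_TOKEN }}
 
 - name: Set up Docker Buildx
-uses: docker/setup-buildx-action@v3
+uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3
 
 - name: Generate Docker metadata
 id: meta
-uses: docker/metadata-action@v5
+uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 # v5
 env:
 DOCKER_METADATA_PR_HEAD_SHA: true
 with:
@@ -82,7 +82,7 @@ jobs:
 
 - name: Build and push
 id: build_and_push
-uses: docker/build-push-action@v6
+uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6
 with:
 push: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' || github.event_name == 'pull_request' && secrets.GH_APP_OS_APP_ID != '' }}
 context: .
@@ -96,7 +96,7 @@ jobs:
 if: ${{ success() && steps.build_and_push.outputs.digest }}
 env:
 IMAGE_REF: ${{ env.DOCKER_IMAGE }}@${{ steps.build_and_push.outputs.digest }}
-uses: aquasecurity/[email protected]
+uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # 0.29.0
 with:
 scan-type: 'image'
 scanners: 'license'
@@ -107,7 +107,7 @@ jobs:
 
 - name: Upload SBOM report as a build artifact
 if: ${{ success() && steps.build_and_push.outputs.digest }}
-uses: actions/upload-artifact@v4
+uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
 with:
 name: sbom-spdx-report
 path: 'sbom.spdx.json'
@@ -134,17 +134,17 @@ jobs:
 needs: build
 steps:
 - name: Checkout
-uses: actions/checkout@v4
+uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
 with:
 fetch-depth: 0 # need main branch to diff against
 - name: Set up Helm
-uses: azure/setup-helm@v4
-- uses: actions/setup-python@v5
+uses: azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # v4
+- uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
 with:
 python-version: '3.12'
 check-latest: true
 - name: Set up chart-testing
-uses: helm/[email protected]
+uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1
 - name: Check if Helm charts updated (run chart-testing list-changed)
 id: list-changed
 run: |
@@ -158,7 +158,7 @@ jobs:
 run: ct lint --validate-maintainers=false --target-branch ${{ github.event.repository.default_branch }}
 - name: Create kind cluster
 if: steps.list-changed.outputs.changed == 'true'
-uses: helm/[email protected]
+uses: helm/kind-action@a1b0e391336a6ee6713a0583f8c6240d70863de3 # v1.12.0
 - name: Prepare k8s cluster
 if: steps.list-changed.outputs.changed == 'true'
 run: |
@@ -184,7 +184,7 @@ jobs:
 private_key: ${{ secrets.GH_APP_OS_PRIVATE_KEY }}
 
 - name: Trigger Workflow
-uses: actions/github-script@v7
+uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7
 with:
 github-token: ${{ steps.generate_token.outputs.token }}
 script: |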
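Review bot: Most of the new pins carry a comment that names a moving major tag (`# v4`, `# v3`, `# v5`, `# v6`, `# v7`), so a reader cannot tell which release a given SHA corresponds to or check it against the upstream tag. The pins for `helm/chart-testing-action` (`# v2.6.1`) and `helm/kind-action` (`# v1.12.0`) in this file already record an exact version; the other lines should follow that form, i.e. `uses: actions/checkout@<sha> # v<exact release>`. The same applies to the `docker/*` pins in `.github/workflows/publish-release.yml`. SHA pins also only stay current if an update bot is configured to bump them; no such configuration is visible in this commit, so that is worth confirming.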

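--- a/.github/workflows/publish-release.yml
+++ b/.github/workflows/publish-release.yml
@@ -21,15 +21,15 @@ jobs:
 steps:
 - name: Generate Docker metadata of the existing image
 id: meta-existing-tag
-uses: docker/metadata-action@v5
+uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 # v5
 with:
 images: ${{ env.DOCKER_IMAGE }}
 tags: |
 type=sha,prefix=
 
 - name: Generate Docker metadata of the new image
 id: meta-new-tags
-uses: docker/metadata-action@v5
+uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 # v5
 with:
 images: ${{ env.DOCKER_IMAGE }}
 labels: |
@@ -46,7 +46,7 @@ jobs:
 echo "FROM $SOURCE_IMAGE" > Dockerfile
 
 - name: Login to ghcr.io
-uses: docker/login-action@v3
+uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3
 with:
 registry: ghcr.io
 username: ${{ github.repository_owner }}
@@ -56,11 +56,11 @@ jobs:
 uses: sigstore/cosign-installer@3454372f43399081ed03b604cb2d021dabca52bb # v3.8.2
 
 - name: Set up Docker Buildx
-uses: docker/setup-buildx-action@v3
+uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3
 
 - name: Build and push
 id: build_and_push
-uses: docker/build-push-action@v6
+uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6
 with:
 push: true
 context: .
@@ -71,7 +71,7 @@ jobs:
 - name: Run Trivy to get an SBOM report of the container
 env:
 IMAGE_REF: ${{ env.DOCKER_IMAGE }}@${{ steps.build_and_push.outputs.digest }}
-uses: aquasecurity/[email protected]
+uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # 0.29.0
 with:
 scan-type: 'image'
 scanners: 'license'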

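--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM aquasec/trivy:latest AS scanner
+FROM aquasec/trivy:latest@sha256:e2b22eac59c02003d8749f5b8d9bd073b62e30fefaef5b7c8371204e0a4b0c08 AS scanner
 
 # Copy yarn.lock to run SBOM scan
 COPY yarn.lock /tmp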
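Review bot: The new `FROM aquasec/trivy:latest@sha256:…` line keeps the `latest` tag next to the digest, but once a digest is present the tag plays no part in resolving the image, so the line reads as "latest" while always pulling one fixed build. Replace `latest` with the version tag the digest was taken from, `FROM aquasec/trivy:<version>@sha256:<digest> AS scanner`, so the pinned scanner version is visible in review and a stale scanner is noticed. The rest of the Dockerfile lies outside the hunk.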

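--- a/charts/matrix-poll-widget/values.yaml
+++ b/charts/matrix-poll-widget/values.yaml
@@ -8,7 +8,7 @@ image:
 repository: ghcr.io/nordeck/matrix-poll-widget
 pullPolicy: IfNotPresent
 # Overrides the image tag whose default is the chart appVersion.
-tag: ""
+tag: "@sha256:2a94e2b543e33e90fd56b485d8fb85472ffb117656f2e8f02c1826d4148419a8"
 
 imagePullSecrets: []
 nameOverride: ""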
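Review bot: The new default `tag: "@sha256:2a94…"` puts a digest into a field that the comment directly above describes as an override for the image tag. The template is not part of this commit, but if it joins repository and tag with `:` in the usual way, the rendered reference would be `ghcr.io/nordeck/matrix-poll-widget:@sha256:…`, which is not a valid image reference. Even if the template copes with it, every chart release would deploy this one digest instead of the image matching the chart appVersion. Keeping `tag: ""` and, if digest pinning is wanted, adding a separate value (for example a new `digest: ""` key that the template appends as `@<digest>`) would avoid both problems.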

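--- a/package.json
+++ b/package.json
@@ -42,48 +42,48 @@
 "uuid": "^9.0.1"
 },
 "devDependencies": {
-"@changesets/cli": "^2.28.0",
-"@eslint/compat": "^1.3.1",
-"@eslint/js": "^9.28.0",
-"@matrix-widget-toolkit/testing": "^4.0.0",
-"@testing-library/dom": "^10.4.0",
-"@testing-library/jest-dom": "^6.6.3",
-"@testing-library/react": "^16.0.1",
-"@testing-library/user-event": "^14.5.2",
-"@types/lodash": "^4.14.202",
-"@types/luxon": "^3.2.0",
-"@types/node": "^20.17.22",
-"@types/pdfmake": "^0.2.11",
-"@types/react": "^18.3.23",
-"@types/react-beautiful-dnd": "^13.1.8",
-"@types/react-dom": "^18.3.1",
-"@types/uuid": "^9.0.7",
-"@vitejs/plugin-basic-ssl": "^1.2.0",
-"@vitejs/plugin-react-swc": "^3.8.0",
-"@vitest/coverage-v8": "^3.0.6",
-"@vitest/eslint-plugin": "^1.3.4",
-"axe-core": "^4.10.0",
-"depcheck": "^1.4.7",
-"dotenv-cli": "^7.4.4",
-"eslint": "^9.28.0",
-"eslint-config-prettier": "^10.1.5",
-"eslint-plugin-notice": "^1.0.0",
-"eslint-plugin-promise": "^7.2.1",
-"eslint-plugin-react": "^7.37.5",
-"eslint-plugin-react-hooks": "^5.2.0",
-"eslint-plugin-testing-library": "^7.6.0",
-"happy-dom": "^20.0.8",
-"husky": "^9.1.7",
-"i18next-cli": "^1.20.1",
-"lint-staged": "^15.4.3",
-"prettier": "^3.5.1",
-"prettier-plugin-organize-imports": "^4.1.0",
-"sass": "^1.85.0",
-"typescript": "^5.7.2",
-"typescript-eslint": "^8.33.1",
+"@changesets/cli": "2.28.1",
+"@eslint/compat": "1.4.1",
+"@eslint/js": "9.31.0",
+"@matrix-widget-toolkit/testing": "4.0.0",
+"@testing-library/dom": "10.4.0",
+"@testing-library/jest-dom": "6.6.3",
+"@testing-library/react": "16.3.0",
+"@testing-library/user-event": "14.5.2",
+"@types/lodash": "4.14.202",
+"@types/luxon": "3.2.0",
+"@types/node": "20.19.24",
+"@types/pdfmake": "0.2.11",
+"@types/react": "18.3.26",
+"@types/react-beautiful-dnd": "13.1.8",
+"@types/react-dom": "18.3.7",
+"@types/uuid": "9.0.7",
+"@vitejs/plugin-basic-ssl": "1.2.0",
+"@vitejs/plugin-react-swc": "3.10.2",
+"@vitest/coverage-v8": "3.2.4",
+"@vitest/eslint-plugin": "1.3.26",
+"axe-core": "4.10.3",
+"depcheck": "1.4.7",
+"dotenv-cli": "7.4.4",
+"eslint": "9.31.0",
+"eslint-config-prettier": "10.1.5",
+"eslint-plugin-notice": "1.0.0",
+"eslint-plugin-promise": "7.2.1",
+"eslint-plugin-react": "7.37.5",
+"eslint-plugin-react-hooks": "5.2.0",
+"eslint-plugin-testing-library": "7.13.3",
+"happy-dom": "20.0.10",
+"husky": "9.1.7",
+"i18next-cli": "1.20.1",
+"lint-staged": "15.4.3",
+"prettier": "3.5.3",
+"prettier-plugin-organize-imports": "4.1.0",
+"sass": "1.85.1",
+"typescript": "5.9.3",
+"typescript-eslint": "8.37.0",
 "vite": "^6.4.1",
-"vitest": "^3.2.4",
-"yarn-deduplicate": "^6.0.2"
+"vitest": "3.2.4",
+"yarn-deduplicate": "6.0.2"
 },
 "engines": {
 "node": ">=20",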
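Review bot: `"vite": "^6.4.1"` is left as a caret range while every other devDependency in this hunk becomes an exact version, and the one visible line of the block above (`"uuid": "^9.0.1"`) is still a range too. If the aim is that a fresh resolve can never pull a newer release than the one reviewed, pin these as well (`"vite": "6.4.1"`); if they are excluded on purpose, the commit message should say so. Several entries also move well past the old range's lower bound (for example `typescript` from `^5.7.2` to `5.9.3`), presumably to match what yarn.lock had already resolved; confirm the lockfile shows no resolution changes for them. The enclosing JSON object starts and ends outside the hunk.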
