From 7a08a1c4eab5c45554b1aa36e2003453e6bb0cba Mon Sep 17 00:00:00 2001 From: Evgeni Burovski Date: Tue, 5 Aug 2025 15:05:44 +0200 Subject: [PATCH 1/3] CI: use hashes for actions/setup-python and actions/checkout Parrot hashes from SciPy main. --- .github/workflows/docs.yml | 6 +++--- .github/workflows/pip.yml | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index a7683b8..b41e445 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -12,9 +12,9 @@ jobs: docs-build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Python 3.12 - uses: actions/setup-python@v5 + uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0 with: python-version: "3.12" cache: "pip" @@ -45,7 +45,7 @@ jobs: pages: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Download Artifact uses: actions/download-artifact@v4 with: diff --git a/.github/workflows/pip.yml b/.github/workflows/pip.yml index f1fc58c..2153ae8 100644 --- a/.github/workflows/pip.yml +++ b/.github/workflows/pip.yml @@ -22,9 +22,9 @@ jobs: steps: # actions/setup-python@v5 has built-in functionality for caching and restoring dependencies. - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v5 + uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0 with: python-version: ${{ matrix.python-version }} cache: "pip" # caching pip dependencies From 5e9d475ae0401239ac859d102b62e3e5f2edf03c Mon Sep 17 00:00:00 2001 From: Evgeni Burovski Date: Tue, 5 Aug 2025 15:08:07 +0200 Subject: [PATCH 2/3] CI: use the download-artifact hash from scipy main --- .github/workflows/docs.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index b41e445..f721e7a 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -28,7 +28,7 @@ jobs: sphinx-build -b html docs/ docs/build/ - name: Upload Artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: docs-build path: docs/build/ From e4419e9cd11920a6d1fe8fce5ebc3d01e29f5f7d Mon Sep 17 00:00:00 2001 From: Evgeni Burovski Date: Tue, 5 Aug 2025 15:19:39 +0200 Subject: [PATCH 3/3] CI: use hashes for download-artifact and github-pages-deploy --- .github/workflows/docs.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index f721e7a..2efc8e5 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -47,12 +47,12 @@ jobs: steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Download Artifact - uses: actions/download-artifact@v4 + uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 with: name: docs-build path: docs/build/ - name: Deploy to GitHub pages - uses: JamesIves/github-pages-deploy-action@v4 + uses: JamesIves/github-pages-deploy-action@6c2d9db40f9296374acc17b90404b6e8864128c8 # v4.7.3 with: folder: docs/build/