diff --git a/.github/workflows/claude-baseline-review.yml b/.github/workflows/claude-baseline-review.yml index 62a8a8d..e7280d9 100644 --- a/.github/workflows/claude-baseline-review.yml +++ b/.github/workflows/claude-baseline-review.yml @@ -36,7 +36,7 @@ jobs: # ByronWilliamsCPA/.github main. `gh api # repos/ByronWilliamsCPA/.github/compare/main... --jq .status` must not # return "diverged". Renovate tracks this pin. - uses: ByronWilliamsCPA/.github/.github/workflows/claude-baseline-review.yml@8de6560ef6089fa95d56c77186648186dac6ce26 # main + uses: ByronWilliamsCPA/.github/.github/workflows/claude-baseline-review.yml@1502ecdde74ba30e2db1c91778f98b550bcf100e # main with: repo-description: >- the authoritative style, drafting, and writing standards library diff --git a/.github/workflows/qlty.yml b/.github/workflows/qlty.yml index 0fef813..0d132e9 100644 --- a/.github/workflows/qlty.yml +++ b/.github/workflows/qlty.yml @@ -23,7 +23,7 @@ jobs: # Coverage upload after merges to main only. qlty: if: github.event_name == 'push' - uses: ByronWilliamsCPA/.github/.github/workflows/python-qlty-coverage.yml@4b12bfe9a94a312be1f23cf7a591e6259ea96118 # main + uses: ByronWilliamsCPA/.github/.github/workflows/python-qlty-coverage.yml@1502ecdde74ba30e2db1c91778f98b550bcf100e # main permissions: contents: read actions: read @@ -38,7 +38,7 @@ jobs: # Check name: "qlty-gate / Qlty Gate" -- required by org baseline ruleset. qlty-gate: if: github.event_name == 'pull_request' - uses: ByronWilliamsCPA/.github/.github/workflows/python-qlty-gate.yml@4b12bfe9a94a312be1f23cf7a591e6259ea96118 # main + uses: ByronWilliamsCPA/.github/.github/workflows/python-qlty-gate.yml@1502ecdde74ba30e2db1c91778f98b550bcf100e # main permissions: contents: read with: @@ -50,7 +50,7 @@ jobs: # Remove no-fail once the existing 100-issue backlog is resolved. qlty-health: if: github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' - uses: ByronWilliamsCPA/.github/.github/workflows/python-qlty-gate.yml@4b12bfe9a94a312be1f23cf7a591e6259ea96118 # main + uses: ByronWilliamsCPA/.github/.github/workflows/python-qlty-gate.yml@1502ecdde74ba30e2db1c91778f98b550bcf100e # main permissions: contents: read with: diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index c93f7fc..b76d2bb 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -26,7 +26,7 @@ jobs: id-token: write contents: read actions: read - uses: ByronWilliamsCPA/.github/.github/workflows/python-scorecard.yml@4b12bfe9a94a312be1f23cf7a591e6259ea96118 # main + uses: ByronWilliamsCPA/.github/.github/workflows/python-scorecard.yml@1502ecdde74ba30e2db1c91778f98b550bcf100e # main with: # publish-results: false -- OIDC repository claim resolves to org .github repo # when called as a reusable callee; setting true publishes to wrong repo. diff --git a/.github/workflows/security-analysis.yml b/.github/workflows/security-analysis.yml index 10a2a1e..1fe94aa 100644 --- a/.github/workflows/security-analysis.yml +++ b/.github/workflows/security-analysis.yml @@ -31,7 +31,7 @@ jobs: security-events: write pull-requests: write actions: read - uses: ByronWilliamsCPA/.github/.github/workflows/python-security-analysis.yml@4b12bfe9a94a312be1f23cf7a591e6259ea96118 # main + uses: ByronWilliamsCPA/.github/.github/workflows/python-security-analysis.yml@1502ecdde74ba30e2db1c91778f98b550bcf100e # main with: python-version: "3.12" run-codeql: false