From 6ab4f402bf414701e2abf2a9ae1103c29f056da8 Mon Sep 17 00:00:00 2001 From: Pauline Bailly-Masson <155966238+paulinebm@users.noreply.github.com> Date: Thu, 2 Apr 2026 11:50:28 +0200 Subject: [PATCH 1/6] =?UTF-8?q?=F0=9F=94=92=20pin=20secrets=5Fscan.yaml=20?= =?UTF-8?q?actions=20to=20commit=20SHAs?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/secrets_scan.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/secrets_scan.yaml b/.github/workflows/secrets_scan.yaml index 4b00cfb8..6d9c4e21 100644 --- a/.github/workflows/secrets_scan.yaml +++ b/.github/workflows/secrets_scan.yaml @@ -21,9 +21,9 @@ jobs: echo "branch=${{ github.event.pull_request.head.ref }}" >> $GITHUB_ENV fi - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: ref: ${{env.branch}} fetch-depth: ${{env.depth}} - name: Scan for secrets - uses: trufflesecurity/trufflehog@main + uses: trufflesecurity/trufflehog@6bd2d14f7a4bc1e569fa3550efa7ec632a4fa67b # main From 534fc845714f5ed235e6fcb5f4ac4e72c47723bd Mon Sep 17 00:00:00 2001 From: Pauline Bailly-Masson <155966238+paulinebm@users.noreply.github.com> Date: Thu, 2 Apr 2026 11:50:28 +0200 Subject: [PATCH 2/6] =?UTF-8?q?=F0=9F=94=92=20pin=20test=5Fryzenai=5Fnight?= =?UTF-8?q?ly.yaml=20actions=20to=20commit=20SHAs?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/test_ryzenai_nightly.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/test_ryzenai_nightly.yaml b/.github/workflows/test_ryzenai_nightly.yaml index f573d1a1..46536290 100644 --- a/.github/workflows/test_ryzenai_nightly.yaml +++ b/.github/workflows/test_ryzenai_nightly.yaml @@ -11,14 +11,14 @@ concurrency: jobs: run_tests_prequantized_models: - uses: huggingface/hf-workflows/.github/workflows/ryzenai_ci.yaml@main + uses: huggingface/hf-workflows/.github/workflows/ryzenai_ci.yaml@a88e7fa2eaee28de5a4d6142381b1fb792349b67 # main with: pytest_marker: "prequantized_model_test" test_file: "tests/ryzenai/test_modeling.py" report_name: "tests_prequantized_models" run_tests_quantization: - uses: huggingface/hf-workflows/.github/workflows/ryzenai_ci.yaml@main + uses: huggingface/hf-workflows/.github/workflows/ryzenai_ci.yaml@a88e7fa2eaee28de5a4d6142381b1fb792349b67 # main with: pytest_marker: "quant_test" test_file: "tests/ryzenai/test_quantization.py" @@ -36,9 +36,9 @@ jobs: run_tests_quantization, ] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Download all artifacts - uses: actions/download-artifact@v3 + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3 with: path: ./reports/ - name: Send message to Slack @@ -58,7 +58,7 @@ jobs: # Upload complete failure tables, as they might be big and only truncated versions could be sent to Slack. - name: Failure table artifacts if: ${{ always() }} - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3 with: name: prev_ci_results path: prev_ci_results From ad156266af0cc52c9339c7dca1853be4bb12a9d7 Mon Sep 17 00:00:00 2001 From: Pauline Bailly-Masson <155966238+paulinebm@users.noreply.github.com> Date: Thu, 2 Apr 2026 11:50:29 +0200 Subject: [PATCH 3/6] =?UTF-8?q?=F0=9F=94=92=20pin=20publish=5Fbackup.yaml?= =?UTF-8?q?=20actions=20to=20commit=20SHAs?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/publish_backup.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish_backup.yaml b/.github/workflows/publish_backup.yaml index 3723c835..4be6a0cb 100644 --- a/.github/workflows/publish_backup.yaml +++ b/.github/workflows/publish_backup.yaml @@ -8,7 +8,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Set up Python - uses: actions/setup-python@v3 + uses: actions/setup-python@3542bca2639a428e1796aaa6a2ffef0c0f575566 # v3 - name: Install dependencies run: | From 7dc9edf4d55cd01c286cd58d27035d9a67a8c487 Mon Sep 17 00:00:00 2001 From: Pauline Bailly-Masson <155966238+paulinebm@users.noreply.github.com> Date: Thu, 2 Apr 2026 11:50:30 +0200 Subject: [PATCH 4/6] =?UTF-8?q?=F0=9F=94=92=20pin=20test=5Fzentorch=5Fplug?= =?UTF-8?q?in.yaml=20actions=20to=20commit=20SHAs?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/test_zentorch_plugin.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test_zentorch_plugin.yaml b/.github/workflows/test_zentorch_plugin.yaml index cbe7f993..9831d6c1 100644 --- a/.github/workflows/test_zentorch_plugin.yaml +++ b/.github/workflows/test_zentorch_plugin.yaml @@ -22,7 +22,7 @@ jobs: runs-on: [self-hosted, amd-cpu, epyc, genoa] steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Copy zentorch binary to current directory run: cp @@ -37,7 +37,7 @@ jobs: docker/transformers-pytorch-amd-cpu-zentorch - name: Run tests - uses: addnab/docker-run-action@v3 + uses: addnab/docker-run-action@4f65fabd2431ebc8d299f8e5a018d79a769ae185 # v3 with: image: optimum-amd-zentorch:2.2.1 options: | From 73429560aeec89198a1b82e5c51e8ecf5d282510 Mon Sep 17 00:00:00 2001 From: Pauline Bailly-Masson <155966238+paulinebm@users.noreply.github.com> Date: Thu, 2 Apr 2026 11:50:30 +0200 Subject: [PATCH 5/6] =?UTF-8?q?=F0=9F=94=92=20pin=20upload=5Fpr=5Fdocument?= =?UTF-8?q?ation.yml=20actions=20to=20commit=20SHAs?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/upload_pr_documentation.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/upload_pr_documentation.yml b/.github/workflows/upload_pr_documentation.yml index 54518f66..6fb5cef7 100644 --- a/.github/workflows/upload_pr_documentation.yml +++ b/.github/workflows/upload_pr_documentation.yml @@ -8,7 +8,7 @@ on: jobs: build: - uses: huggingface/doc-builder/.github/workflows/upload_pr_documentation.yml@main + uses: huggingface/doc-builder/.github/workflows/upload_pr_documentation.yml@90b4ee2c10b81b5c1a6367c4e6fc9e2fb510a7e3 # main with: package_name: optimum-amd secrets: From 155a237f066631d02b34afa8fb253db597c974f5 Mon Sep 17 00:00:00 2001 From: Pauline Bailly-Masson <155966238+paulinebm@users.noreply.github.com> Date: Thu, 2 Apr 2026 11:50:31 +0200 Subject: [PATCH 6/6] =?UTF-8?q?=F0=9F=94=92=20pin=20test=5Fryzenai=5Fmodel?= =?UTF-8?q?ing.yaml=20actions=20to=20commit=20SHAs?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/test_ryzenai_modeling.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test_ryzenai_modeling.yaml b/.github/workflows/test_ryzenai_modeling.yaml index 5e6aa7b0..5b94c88d 100644 --- a/.github/workflows/test_ryzenai_modeling.yaml +++ b/.github/workflows/test_ryzenai_modeling.yaml @@ -23,7 +23,7 @@ concurrency: jobs: build: - uses: huggingface/hf-workflows/.github/workflows/ryzenai_ci.yaml@main + uses: huggingface/hf-workflows/.github/workflows/ryzenai_ci.yaml@a88e7fa2eaee28de5a4d6142381b1fb792349b67 # main with: pytest_marker: "not prequantized_model_test" test_file: "tests/ryzenai/test_modeling.py"