diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6138a6f..224c4e8 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -13,7 +13,7 @@ jobs: name: Security runs-on: ${{ vars.GH_RUNNER_DEFAULT || 'ubuntu-latest' }} steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: fetch-depth: 0 @@ -76,10 +76,10 @@ jobs: name: Quality runs-on: ${{ vars.GH_RUNNER_DEFAULT || 'ubuntu-latest' }} steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Setup Node.js - uses: actions/setup-node@v6 + uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6 with: # Match VS Code 1.110's bundled Node (Electron 35 → Node 22.x). # Testing on the same major as the extension runtime catches @@ -125,10 +125,10 @@ jobs: needs: [security, quality] runs-on: ${{ vars.GH_RUNNER_DEFAULT || 'ubuntu-latest' }} steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Setup Node.js - uses: actions/setup-node@v6 + uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6 with: # Match VS Code 1.110's bundled Node (Electron 35 → Node 22.x). # Testing on the same major as the extension runtime catches @@ -145,7 +145,7 @@ jobs: run: npx @vscode/vsce package --no-dependencies - name: Upload VSIX artifact - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7 with: name: claudemeter-vsix path: '*.vsix' diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index af85133..4d999fe 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,7 +11,7 @@ jobs: name: Security Gate runs-on: ${{ vars.GH_RUNNER_DEFAULT || 'ubuntu-latest' }} steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: fetch-depth: 0 @@ -68,18 +68,18 @@ jobs: steps: - name: Generate GitHub App Token id: app-token - uses: actions/create-github-app-token@v3 + uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3 with: app-id: ${{ secrets.GH_APP_ID }} private-key: ${{ secrets.GH_APP_PRIVATE_KEY }} - - uses: actions/checkout@v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: fetch-depth: 0 token: ${{ steps.app-token.outputs.token }} - name: Setup Node.js - uses: actions/setup-node@v6 + uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6 with: # Match VS Code 1.110's bundled Node (Electron 35 → Node 22.x). node-version: '24' @@ -110,18 +110,18 @@ jobs: steps: - name: Generate GitHub App Token id: app-token - uses: actions/create-github-app-token@v3 + uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3 with: app-id: ${{ secrets.GH_APP_ID }} private-key: ${{ secrets.GH_APP_PRIVATE_KEY }} - - uses: actions/checkout@v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: ref: v${{ needs.release.outputs.new_release_version }} token: ${{ steps.app-token.outputs.token }} - name: Setup Node.js - uses: actions/setup-node@v6 + uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6 with: # Match VS Code 1.110's bundled Node (Electron 35 → Node 22.x). node-version: '24' @@ -147,7 +147,7 @@ jobs: echo "Built: $VSIX_FILE" - name: Upload VSIX to Release - uses: softprops/action-gh-release@v3 + uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3 with: tag_name: v${{ needs.release.outputs.new_release_version }} files: ${{ steps.vsix.outputs.filename }}