From e683e5873d78fc3b201a2d02c8efe982e34cba7b Mon Sep 17 00:00:00 2001 From: "eclipse-otterdog[bot]" <158182605+eclipse-otterdog[bot]@users.noreply.github.com> Date: Thu, 4 Jun 2026 10:15:14 +0000 Subject: [PATCH 1/3] Pinning workflow .github/workflows/ci.yml --- .github/workflows/ci.yml | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 636fe81a0..469e33b38 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -16,7 +16,7 @@ jobs: steps: - name: Fetch up-cpp - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 with: path: up-cpp @@ -34,7 +34,7 @@ jobs: conan profile show - name: Fetch up-core-api conan recipe - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 with: path: up-conan-recipes repository: eclipse-uprotocol/up-conan-recipes @@ -59,19 +59,19 @@ jobs: conan cache save --file ./conan-cache.tgz '*' - name: Upload build artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: build-artifacts path: up-cpp/build/Release - name: Upload compile commands - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: compile-commands path: up-cpp/build/Release/compile_commands.json - name: Upload conan cache for linting - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: conan-cache path: ./conan-cache.tgz @@ -83,7 +83,7 @@ jobs: steps: - name: Get build artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 with: name: build-artifacts path: up-cpp/build/Release @@ -96,7 +96,7 @@ jobs: ctest - name: Upload test results - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 if: success() || failure() with: name: test-results @@ -110,7 +110,7 @@ jobs: steps: - name: Get build artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 with: name: build-artifacts path: up-cpp/build/Release @@ -165,7 +165,7 @@ jobs: cat valgrind_logs/valgrind_memcheck_summary.log - name: Upload Valgrind Memcheck logs - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 if: success() || failure() with: name: valgrind-memcheck-log @@ -178,7 +178,7 @@ jobs: steps: - name: Get build artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 with: name: build-artifacts path: up-cpp/build/Release @@ -234,7 +234,7 @@ jobs: cat valgrind_logs/valgrind_threadcheck_summary.log - name: Upload Valgrind ThreadCheck logs - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 if: success() || failure() with: name: valgrind-threadcheck-log @@ -247,7 +247,7 @@ jobs: steps: - name: Get build artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 with: name: build-artifacts path: up-cpp/build/Release @@ -303,7 +303,7 @@ jobs: cat valgrind_logs/valgrind_helgrind_summary.log - name: Upload Valgrind Helgrind logs - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 if: success() || failure() with: name: valgrind-helgrind-log @@ -316,7 +316,7 @@ jobs: steps: - name: Get build artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 with: name: build-artifacts path: up-cpp/build/Release @@ -372,7 +372,7 @@ jobs: cat valgrind_logs/valgrind_dhat_summary.log - name: Upload Valgrind DHAT logs - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 if: success() || failure() with: name: valgrind-dhat-log @@ -388,7 +388,7 @@ jobs: steps: - name: Fetch up-cpp - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 with: path: up-cpp @@ -406,7 +406,7 @@ jobs: conan profile show - name: Fetch up-core-api conan recipe - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 with: path: up-conan-recipes repository: eclipse-uprotocol/up-conan-recipes @@ -426,7 +426,7 @@ jobs: - name: Run linters on source continue-on-error: true id: source-linter - uses: cpp-linter/cpp-linter-action@v2 + uses: cpp-linter/cpp-linter-action@77c390c5ba9c947ebc185a3e49cc754f1558abb5 # v2.18.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: @@ -441,7 +441,7 @@ jobs: - name: Run linters on tests continue-on-error: true id: test-linter - uses: cpp-linter/cpp-linter-action@v2 + uses: cpp-linter/cpp-linter-action@77c390c5ba9c947ebc185a3e49cc754f1558abb5 # v2.18.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: From 19be81bc1ff4c2c4352b95e077e911b2b3ac8910 Mon Sep 17 00:00:00 2001 From: "eclipse-otterdog[bot]" <158182605+eclipse-otterdog[bot]@users.noreply.github.com> Date: Thu, 4 Jun 2026 10:15:15 +0000 Subject: [PATCH 2/3] Pinning workflow .github/workflows/codeql.yml --- .github/workflows/codeql.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index b62f60f0d..5fc1baa44 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -39,13 +39,13 @@ jobs: version: 2.3.2 - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 with: path: up-cpp # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@d77b13a0df3134d64a457ea9003f600b09fa1c8a # v3.36.1 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} @@ -60,7 +60,7 @@ jobs: - if: matrix.build-mode == 'manual' name: Fetch up-core-api conan recipe - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 with: path: up-conan-recipes repository: eclipse-uprotocol/up-conan-recipes @@ -82,7 +82,7 @@ jobs: cmake --build . -- -j - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@d77b13a0df3134d64a457ea9003f600b09fa1c8a # v3.36.1 with: category: "/language:${{matrix.language}}" checkout_path: up-cpp From fd019f13a4e6d01ce942527167ab79268a259a08 Mon Sep 17 00:00:00 2001 From: "eclipse-otterdog[bot]" <158182605+eclipse-otterdog[bot]@users.noreply.github.com> Date: Thu, 4 Jun 2026 10:15:16 +0000 Subject: [PATCH 3/3] Pinning workflow .github/workflows/coverage.yml --- .github/workflows/coverage.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index 39776455a..1d9a8721c 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -19,7 +19,7 @@ jobs: version: 2.3.2 - name: Fetch up-cpp - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 with: path: up-cpp @@ -34,7 +34,7 @@ jobs: run: sudo apt-get install -y gcovr - name: Fetch up-core-api conan recipe - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 with: path: up-conan-recipes repository: eclipse-uprotocol/up-conan-recipes @@ -80,7 +80,7 @@ jobs: - name: Upload coverage report - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 if: success() || failure() with: name: coverage-report