From 2f3dcadb3953aa8fcdc6fbd6313e49b21d268ab1 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 23 May 2026 08:50:24 +0000 Subject: [PATCH] chore(deps): pin dependencies --- .devcontainer/Dockerfile | 2 +- .devcontainer/compose.yaml | 6 +++--- .github/workflows/security-check.yml | 2 +- .github/workflows/test.yml | 8 ++++---- Dockerfile | 2 +- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index a79e3649..3e878be4 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -1,3 +1,3 @@ # Make sure RUBY_VERSION matches the Ruby version in .ruby-version -ARG RUBY_VERSION=3.4.2 +ARG RUBY_VERSION=3.4.2@sha256:a143fd2de1e22c0d2acd9167eb28c7a4a81628e370b94db4a66754824f029b8a FROM ghcr.io/rails/devcontainer/images/ruby:$RUBY_VERSION diff --git a/.devcontainer/compose.yaml b/.devcontainer/compose.yaml index 9d518d9d..44831c36 100644 --- a/.devcontainer/compose.yaml +++ b/.devcontainer/compose.yaml @@ -23,17 +23,17 @@ services: - postgres selenium: - image: selenium/standalone-chromium + image: selenium/standalone-chromium@sha256:8c5a8629c96104c0d73df94c6437af9ab9059c4e16aa32e35b330b7d77defe0b restart: unless-stopped redis: - image: redis:7.2 + image: redis:7.2@sha256:73d3498d8e395b685cf9263877c445fe9bf2bb436db33d545780ae398f97a23d restart: unless-stopped volumes: - redis-data:/data postgres: - image: postgres:16.1 + image: postgres:16.1@sha256:09f23e02d76670d3b346a3c00aa33a27cf57aab8341eedfcdaed41459d14f5c4 restart: unless-stopped networks: - default diff --git a/.github/workflows/security-check.yml b/.github/workflows/security-check.yml index 5d101bf5..1762af6a 100644 --- a/.github/workflows/security-check.yml +++ b/.github/workflows/security-check.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4.2.2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup Ruby # Install the version defined in .ruby-version uses: ruby/setup-ruby@v1 diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index c9bc2fbb..9aa8305e 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -12,7 +12,7 @@ jobs: id-token: write # to get access to GitHub autogenerated OIDC token, used by codecov/codecov-action steps: - - uses: actions/checkout@v4.2.2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup Ruby # Install the version defined in .ruby-version uses: ruby/setup-ruby@v1 @@ -62,12 +62,12 @@ jobs: run: bin/rails test:all - name: Upload coverage to Codecov - uses: codecov/codecov-action@v5.4.3 + uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3 with: use_oidc: true - name: Keep screenshots from failed system tests - uses: actions/upload-artifact@v4.6.2 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 if: failure() && steps.tests.conclusion == 'failure' with: name: screenshots @@ -75,7 +75,7 @@ jobs: if-no-files-found: ignore - name: Upload test results to Codecov - uses: codecov/test-results-action@v1.1.1 + uses: codecov/test-results-action@47f89e9acb64b76debcd5ea40642d25a4adced9f # v1.1.1 if: ${{ !cancelled() }} with: use_oidc: true diff --git a/Dockerfile b/Dockerfile index a948dcb7..8db8ed25 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -# syntax = docker/dockerfile:1 +# syntax = docker/dockerfile:1@sha256:87999aa3d42bdc6bea60565083ee17e86d1f3339802f543c0d03998580f9cb89 # This Dockerfile is designed for production, not development. Use with Kamal or build'n'run by hand: # docker build -t my-app .