diff --git a/.github/workflows/autobump_rn.yml b/.github/workflows/autobump_rn.yml index f732c60d1a5..d685182dee2 100644 --- a/.github/workflows/autobump_rn.yml +++ b/.github/workflows/autobump_rn.yml @@ -20,12 +20,12 @@ jobs: env: GITHUB_CONTEXT: ${{ toJSON(github) }} - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 0 token: ${{ secrets.CONTENTBOT_GH_ADMIN_TOKEN }} - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: "3.10" # The Python version set here is the minimum supported by content, if you change it here, please change all the places containing this comment. - name: Setup Poetry diff --git a/.github/workflows/check-ai-review-approval.yml b/.github/workflows/check-ai-review-approval.yml index 5e488cc88d6..c62b19afeac 100644 --- a/.github/workflows/check-ai-review-approval.yml +++ b/.github/workflows/check-ai-review-approval.yml @@ -13,9 +13,9 @@ jobs: if: github.repository == 'demisto/content' && github.event.pull_request.head.repo.fork != true steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: "3.10" # The Python version set here is the minimum supported by content, if you change it here, please change all the places containing this comment. - name: Setup Poetry diff --git a/.github/workflows/check-contribution-form-filled.yml b/.github/workflows/check-contribution-form-filled.yml index 9e076207e5c..4c8c63694a5 100644 --- a/.github/workflows/check-contribution-form-filled.yml +++ b/.github/workflows/check-contribution-form-filled.yml @@ -13,9 +13,9 @@ jobs: if: github.repository == 'demisto/content' && github.event.pull_request.head.repo.fork == true && contains(github.head_ref, 'xsoar-bot-contrib-ContributionTestPack') == false && contains(github.event.pull_request.title, '[Marketplace Contribution]') == false steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: "3.10" # The Python version set here is the minimum supported by content, if you change it here, please change all the places containing this comment. - name: Setup Poetry diff --git a/.github/workflows/check-contributor-pack.yml b/.github/workflows/check-contributor-pack.yml index 6d5134ccee9..0d43c70dfd8 100644 --- a/.github/workflows/check-contributor-pack.yml +++ b/.github/workflows/check-contributor-pack.yml @@ -13,9 +13,9 @@ jobs: if: github.repository == 'demisto/content' && startsWith(github.head_ref, 'contrib/') == false && startsWith(github.head_ref, 'to-merge/') == false && contains(github.head_ref, 'xsoar-bot-contrib-ContributionTestPack') == false && github.event.pull_request.head.repo.fork == false steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: "3.10" # The Python version set here is the minimum supported by content, if you change it here, please change all the places containing this comment. - name: Setup Poetry diff --git a/.github/workflows/check-devcontainer.yml b/.github/workflows/check-devcontainer.yml index cc1ac177591..5b82c6ffa44 100644 --- a/.github/workflows/check-devcontainer.yml +++ b/.github/workflows/check-devcontainer.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 0 - name: Run demisto-sdk in devcontainer diff --git a/.github/workflows/check-docs-approved-label.yml b/.github/workflows/check-docs-approved-label.yml index b5e9124beeb..9c3deb9fac9 100644 --- a/.github/workflows/check-docs-approved-label.yml +++ b/.github/workflows/check-docs-approved-label.yml @@ -13,9 +13,9 @@ jobs: if: github.repository == 'demisto/content' steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: "3.10" # The Python version set here is the minimum supported by content, if you change it here, please change all the places containing this comment. - name: Setup Poetry diff --git a/.github/workflows/check-partner-approved-label.yml b/.github/workflows/check-partner-approved-label.yml index 67ccae2f7f5..3552e040aaf 100644 --- a/.github/workflows/check-partner-approved-label.yml +++ b/.github/workflows/check-partner-approved-label.yml @@ -12,9 +12,9 @@ jobs: if: github.repository == 'demisto/content' && github.event.pull_request.head.repo.fork == true && contains(github.head_ref, 'xsoar-bot-contrib-ContributionTestPack') == false steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: "3.10" # The Python version set here is the minimum supported by content, if you change it here, please change all the places containing this comment. - name: Setup Poetry diff --git a/.github/workflows/check-se-approved-label.yml b/.github/workflows/check-se-approved-label.yml index 4b80a444dec..3e69d542138 100644 --- a/.github/workflows/check-se-approved-label.yml +++ b/.github/workflows/check-se-approved-label.yml @@ -13,9 +13,9 @@ jobs: if: github.repository == 'demisto/content' steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: "3.10" # The Python version set here is the minimum supported by content, if you change it here, please change all the places containing this comment. - name: Setup Poetry diff --git a/.github/workflows/check-supported-modules-approved.yml b/.github/workflows/check-supported-modules-approved.yml index 9aca12bec57..61f34ec7ed9 100644 --- a/.github/workflows/check-supported-modules-approved.yml +++ b/.github/workflows/check-supported-modules-approved.yml @@ -13,9 +13,9 @@ jobs: if: github.repository == 'demisto/content' steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: "3.10" # The Python version set here is the minimum supported by content, if you change it here, please change all the places containing this comment. - name: Setup Poetry diff --git a/.github/workflows/clean_stale_branches.yml b/.github/workflows/clean_stale_branches.yml index 8b86acf83ff..94bd5f70d76 100644 --- a/.github/workflows/clean_stale_branches.yml +++ b/.github/workflows/clean_stale_branches.yml @@ -15,7 +15,7 @@ jobs: if: github.repository == 'demisto/content' && github.event.pull_request.head.repo.fork == false steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Stale uses: actions/stale@1160a2240286f5da8ec72b1c0816ce2481aabf84 # v8 with: diff --git a/.github/workflows/codeowners_file_validation.yml b/.github/workflows/codeowners_file_validation.yml index 5ff5425242d..c33640b08d4 100644 --- a/.github/workflows/codeowners_file_validation.yml +++ b/.github/workflows/codeowners_file_validation.yml @@ -12,9 +12,9 @@ jobs: if: github.repository == 'demisto/content' && github.event.pull_request.head.repo.fork == false && github.actor != 'dependabot[bot]' && startsWith(github.head_ref, 'contrib/') == false steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: "3.10" # The Python version set here is the minimum supported by content, if you change it here, please change all the places containing this comment. - name: Setup Poetry diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 2509021458d..45dc97d1490 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/create-internal-pr-from-external.yml b/.github/workflows/create-internal-pr-from-external.yml index 3b7d569fd68..e154887186c 100644 --- a/.github/workflows/create-internal-pr-from-external.yml +++ b/.github/workflows/create-internal-pr-from-external.yml @@ -17,9 +17,9 @@ jobs: run: | echo "PYTHONPATH=$GITHUB_WORKSPACE" >> $GITHUB_ENV - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: "3.10" # The Python version set here is the minimum supported by content, if you change it here, please change all the places containing this comment. - name: Setup Poetry diff --git a/.github/workflows/handle-new-external-pr.yml b/.github/workflows/handle-new-external-pr.yml index 2dacbf703bf..0691e390e22 100644 --- a/.github/workflows/handle-new-external-pr.yml +++ b/.github/workflows/handle-new-external-pr.yml @@ -12,12 +12,12 @@ jobs: if: github.repository == 'demisto/content' && github.event.action == 'opened' && github.event.pull_request.head.repo.fork == true && contains(github.head_ref, 'xsoar-bot-contrib-ContributionTestPack') == false steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 2 - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: "3.10" # The Python version set here is the minimum supported by content, if you change it here, please change all the places containing this comment. - name: Setup Poetry diff --git a/.github/workflows/handle-new-internal-pr.yml b/.github/workflows/handle-new-internal-pr.yml index 6e648558c43..9783517f90f 100644 --- a/.github/workflows/handle-new-internal-pr.yml +++ b/.github/workflows/handle-new-internal-pr.yml @@ -12,12 +12,12 @@ jobs: if: github.repository == 'demisto/content' && github.event.action == 'opened' && github.event.pull_request.head.repo.fork == false steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 2 - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: "3.10" # The Python version set here is the minimum supported by content, if you change it here, please change all the places containing this comment. diff --git a/.github/workflows/pre-commit-reuse.yml b/.github/workflows/pre-commit-reuse.yml index 5ac0aa61ee8..a4444cac737 100644 --- a/.github/workflows/pre-commit-reuse.yml +++ b/.github/workflows/pre-commit-reuse.yml @@ -15,7 +15,7 @@ jobs: uses: Gr1N/setup-poetry@48b0f77c8c1b1b19cb962f0f00dff7b4be8f81ec # v9 - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 0 @@ -23,7 +23,7 @@ jobs: run: echo "PYTHONPATH=$GITHUB_WORKSPACE" >> $GITHUB_ENV - name: Setup python - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: '3.10' cache: 'poetry' @@ -47,7 +47,7 @@ jobs: - name: Cache Pre commit id: cache-pre-commit - uses: actions/cache@v3 + uses: actions/cache@6f8efc29b200d32929f49075959781ed54ec270c # v3 with: path: ~/.cache/pre-commit key: ${{ runner.os }}-pre-commit @@ -133,7 +133,7 @@ jobs: pytest-xml-coverage-path: coverage_report/coverage.xml junitxml-path: report_pytest.xml - - uses: actions/cache/save@v3 + - uses: actions/cache/save@6f8efc29b200d32929f49075959781ed54ec270c # v3 if: always() with: path: ~/.cache/pre-commit diff --git a/.github/workflows/project_manager_daily.yml b/.github/workflows/project_manager_daily.yml index a59f5220318..e13849a5dd3 100644 --- a/.github/workflows/project_manager_daily.yml +++ b/.github/workflows/project_manager_daily.yml @@ -7,9 +7,9 @@ jobs: runs-on: ubuntu-latest if: github.repository == 'demisto/content' steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Set up Python 3.7 - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: "3.7" - name: Get project manager diff --git a/.github/workflows/project_manager_hourly.yml b/.github/workflows/project_manager_hourly.yml index dfc4b8ac8d6..6a438c8d9bd 100644 --- a/.github/workflows/project_manager_hourly.yml +++ b/.github/workflows/project_manager_hourly.yml @@ -8,9 +8,9 @@ jobs: runs-on: ubuntu-latest if: github.repository == 'demisto/content' steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Set up Python 3.7 - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: "3.7" - name: Get project manager diff --git a/.github/workflows/protect-files.yml b/.github/workflows/protect-files.yml index 88f410b7b5b..672831cb2d0 100644 --- a/.github/workflows/protect-files.yml +++ b/.github/workflows/protect-files.yml @@ -11,12 +11,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 100 # to speed up. changed-files will fetch more if necessary - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: "3.x" diff --git a/.github/workflows/protect-infra-paths-contributions.yml b/.github/workflows/protect-infra-paths-contributions.yml index 2ad3980fc1f..e28e9b07aa1 100644 --- a/.github/workflows/protect-infra-paths-contributions.yml +++ b/.github/workflows/protect-infra-paths-contributions.yml @@ -12,10 +12,10 @@ jobs: if: 'startsWith(github.head_ref, ''contrib'') || (github.event.pull_request.head.repo.fork == true && contains(github.event.pull_request.base.ref, ''contrib''))' steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: '3.x' diff --git a/.github/workflows/purge_branch_protection_rules.yml b/.github/workflows/purge_branch_protection_rules.yml index 683932e6266..46266d382e4 100644 --- a/.github/workflows/purge_branch_protection_rules.yml +++ b/.github/workflows/purge_branch_protection_rules.yml @@ -12,10 +12,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4.1.7 # disable-secrets-detection + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 # disable-secrets-detection - name: Set up Python - uses: actions/setup-python@v5.1.1 # disable-secrets-detection + uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1 # disable-secrets-detection with: python-version: '3.10' @@ -38,7 +38,7 @@ jobs: poetry run python .github/github_workflow_scripts/purge_branch_protection_rules.py - name: Upload Log to Artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 with: name: purge_branch_protection_rules_${{ github.run_id }} path: "${{ github.workspace }}/purge_branch_protection_rules.log" \ No newline at end of file diff --git a/.github/workflows/review-release-notes.yml b/.github/workflows/review-release-notes.yml index 4863db13374..cb098914873 100644 --- a/.github/workflows/review-release-notes.yml +++ b/.github/workflows/review-release-notes.yml @@ -10,7 +10,7 @@ jobs: if: github.repository == 'demisto/content' steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 2 - name: Get changed files @@ -23,7 +23,7 @@ jobs: since_last_remote_commit: false - name: Setup Python if: ${{ steps.changed-files.outputs.all_changed_files }} - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: "3.10" # The Python version set here is the minimum supported by content, if you change it here, please change all the places containing this comment. - name: Setup Poetry diff --git a/.github/workflows/run-secrets-detection.yml b/.github/workflows/run-secrets-detection.yml index 35f28a84aff..302fdf8b4d2 100644 --- a/.github/workflows/run-secrets-detection.yml +++ b/.github/workflows/run-secrets-detection.yml @@ -7,9 +7,9 @@ jobs: if: github.repository == 'demisto/content' && github.event.pull_request.head.repo.fork == false && github.actor != 'dependabot[bot]' steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: "3.10" # The Python version set here is the minimum supported by content, if you change it here, please change all the places containing this comment. - name: Setup Poetry diff --git a/.github/workflows/security-label-check.yml b/.github/workflows/security-label-check.yml index cd669c90d13..af0f60bd699 100644 --- a/.github/workflows/security-label-check.yml +++ b/.github/workflows/security-label-check.yml @@ -8,7 +8,7 @@ jobs: if: github.repository == 'demisto/content' && github.event.pull_request.head.repo.fork == true && contains(github.head_ref, 'xsoar-bot-contrib-ContributionTestPack') == false steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Check if PR base branch starts with "contrib" and labels are correct id: security_check run: | diff --git a/.github/workflows/sync-contribution-base-branch-on-change.yml b/.github/workflows/sync-contribution-base-branch-on-change.yml index 0be24c8d551..52950626a30 100644 --- a/.github/workflows/sync-contribution-base-branch-on-change.yml +++ b/.github/workflows/sync-contribution-base-branch-on-change.yml @@ -16,9 +16,9 @@ jobs: if: github.repository == 'demisto/content' && github.event.pull_request.head.repo.fork == true && contains(github.head_ref, 'xsoar-bot-contrib-ContributionTestPack') == false steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: "3.10" # The Python version set here is the minimum supported by content, if you change it here, please change all the places containing this comment. - name: Setup Poetry diff --git a/.github/workflows/sync-contribution-base-branch.yml b/.github/workflows/sync-contribution-base-branch.yml index 733a49fe74d..a31389c6875 100644 --- a/.github/workflows/sync-contribution-base-branch.yml +++ b/.github/workflows/sync-contribution-base-branch.yml @@ -13,9 +13,9 @@ jobs: if: github.repository == 'demisto/content' steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: "3.10" # The Python version set here is the minimum supported by content, if you change it here, please change all the places containing this comment. - name: Setup Poetry diff --git a/.github/workflows/update-demisto-sdk-version.yml b/.github/workflows/update-demisto-sdk-version.yml index 459fcc3c333..bc7bd5e34ba 100644 --- a/.github/workflows/update-demisto-sdk-version.yml +++ b/.github/workflows/update-demisto-sdk-version.yml @@ -28,13 +28,13 @@ jobs: uses: Gr1N/setup-poetry@15821dc8a61bc630db542ae4baf6a7c19a994844 # v8 - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 0 token: ${{ secrets.CONTENTBOT_GH_ADMIN_TOKEN }} - name: Setup python - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: "3.10" # The Python version set here is the minimum supported by content, if you change it here, please change all the places containing this comment. cache: 'poetry'