deps: pin dependencies #8870

Merged
merged 1 commit into from
Jul 11, 2024
40 changes: 20 additions & 20 deletions .github/workflows/build-and-test.yml
Expand Up @@ -18,9 +18,9 @@ jobs:
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
uses: actions/checkout@v4
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v3
uses: gradle/actions/setup-gradle@dbbdc275be76ac10734476cc723d82dfe7ec6eda # v3
with:
gradle-home-cache-cleanup: true
- name: Build all classes
Expand All @@ -33,39 +33,39 @@ jobs:
security-events: write
steps:
- name: Checkout Repository
uses: actions/checkout@v4
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
uses: github/codeql-action/init@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3
with:
languages: java
tools: linked
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v3
uses: gradle/actions/setup-gradle@dbbdc275be76ac10734476cc723d82dfe7ec6eda # v3
with:
gradle-home-cache-cleanup: true
- name: Build all classes
run: ./gradlew -Dorg.gradle.jvmargs=-Xmx1g classes
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
uses: github/codeql-action/analyze@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3
test:
needs: build
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
uses: actions/checkout@v4
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v3
uses: gradle/actions/setup-gradle@dbbdc275be76ac10734476cc723d82dfe7ec6eda # v3
with:
gradle-home-cache-cleanup: true
- name: Run unit tests
run: ./gradlew --scan test jacocoTestReport
- name: Create Test Summary
uses: test-summary/action@v2
uses: test-summary/action@31493c76ec9e7aa675f1585d3ed6f1da69269a86 # v2
with:
paths: "**/test-results/**/TEST-*.xml"
if: always()
- name: Upload code coverage data
uses: codecov/codecov-action@v4
uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4
with:
token: ${{ secrets.CODECOV_TOKEN }}
flags: test
Expand All @@ -74,7 +74,7 @@ jobs:
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
uses: actions/checkout@v4
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
with:
submodules: recursive
- name: Set tool version environment variables
Expand Down Expand Up @@ -105,42 +105,42 @@ jobs:
curl -Os https://raw.githubusercontent.com/nexB/scancode-toolkit/v$SCANCODE_VERSION/requirements.txt
pip install --no-cache-dir --constraint requirements.txt scancode-toolkit==$SCANCODE_VERSION
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v3
uses: gradle/actions/setup-gradle@dbbdc275be76ac10734476cc723d82dfe7ec6eda # v3
with:
gradle-home-cache-cleanup: true
- name: Run functional tests that do not require external tools
run: ./gradlew --scan -Ptests.exclude=org.ossreviewtoolkit.plugins.packagemanagers.* funTest jacocoFunTestReport
- name: Create Test Summary
uses: test-summary/action@v2
uses: test-summary/action@31493c76ec9e7aa675f1585d3ed6f1da69269a86 # v2
with:
paths: "**/test-results/**/TEST-*.xml"
if: always()
- name: Upload code coverage data
uses: codecov/codecov-action@v4
uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4
with:
token: ${{ secrets.CODECOV_TOKEN }}
flags: funTest-non-docker
funTest-docker:
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
uses: actions/checkout@v4
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
with:
submodules: recursive
- name: Free Disk Space
uses: ./.github/actions/free-disk-space
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4 # v3
- name: Build ORT Docker Image
uses: docker/build-push-action@v6
uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c # v6
with:
context: .
load: true
tags: ${{ env.TEST_IMAGE_TAG }}
target: all-tools
cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ github.repository_owner }}/ort:cache
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v3
uses: gradle/actions/setup-gradle@dbbdc275be76ac10734476cc723d82dfe7ec6eda # v3
with:
gradle-home-cache-cleanup: true
- name: Run functional tests that do require external tools
Expand All @@ -158,12 +158,12 @@ jobs:
${{ env.TEST_IMAGE_TAG }} \
-c "./gradlew --scan -Ptests.include=org.ossreviewtoolkit.plugins.packagemanagers.* funTest jacocoFunTestReport"
- name: Create Test Summary
uses: test-summary/action@v2
uses: test-summary/action@31493c76ec9e7aa675f1585d3ed6f1da69269a86 # v2
with:
paths: "**/test-results/**/TEST-*.xml"
if: always()
- name: Upload code coverage data
uses: codecov/codecov-action@v4
uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4
with:
token: ${{ secrets.CODECOV_TOKEN }}
flags: funTest-docker
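Review bot: The trailing comments on the pinned `uses:` lines record only a major tag (`# v4`, `# v3`, `# v2`, `# v6`), so a reader cannot tell which release each 40-character SHA corresponds to, and nothing checks the comment against the hash. I would put the exact release in the comment, e.g. `uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # vX.Y.Z` (placeholder for the release the SHA actually tags), as this PR already does for scorecard-action (`# v2.3.3`) and qodana-action (`# v2024.1.8`). Each SHA should also be confirmed as a commit on the upstream repository's release tag before merging, since that check is what gives the pin its value. The same applies to the pins in docker-build.yml, release.yml, scorecard-analysis.yml, static-analysis.yml and wrapper-validation.yml.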
18 changes: 9 additions & 9 deletions .github/workflows/docker-build.yml
Expand Up @@ -21,30 +21,30 @@ jobs:
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
uses: actions/checkout@v4
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
with:
fetch-depth: 0
- name: Free Disk Space
uses: ./.github/actions/free-disk-space
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v3
uses: gradle/actions/setup-gradle@dbbdc275be76ac10734476cc723d82dfe7ec6eda # v3
with:
gradle-home-cache-cleanup: true
- name: Get ORT version
run: |
ORT_VERSION=$(./gradlew -q properties --property version | sed -nr "s/version: (.+)/\1/p")
echo "ORT_VERSION=${ORT_VERSION}" >> $GITHUB_ENV
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4 # v3
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract Metadata for 'ort' Docker Image
id: meta-ort
uses: docker/metadata-action@v5
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5
with:
images: |
${{ env.REGISTRY }}/${{ github.repository_owner }}/ort
Expand All @@ -56,7 +56,7 @@ jobs:
type=sha
- name: Build & Push 'ort' Docker Image
if: ${{ github.event_name != 'pull_request' }}
uses: docker/build-push-action@v6
uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c # v6
with:
context: .
push: true
Expand All @@ -67,7 +67,7 @@ jobs:
build-args: ORT_VERSION=${{ env.ORT_VERSION }}
- name: Build 'ort' Docker Image
if: ${{ github.event_name == 'pull_request' }}
uses: docker/build-push-action@v6
uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c # v6
with:
context: .
tags: ${{ steps.meta-ort.outputs.tags }}
Expand All @@ -76,7 +76,7 @@ jobs:
build-args: ORT_VERSION=${{ env.ORT_VERSION }}
- name: Extract Metadata for 'ort-minimal' Docker Image
id: meta-ort-minimal
uses: docker/metadata-action@v5
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5
with:
images: |
${{ env.REGISTRY }}/${{ github.repository_owner }}/ort-minimal
Expand All @@ -87,7 +87,7 @@ jobs:
type=ref,event=tag
type=sha
- name: Build & Push 'ort-minimal' Docker Image
uses: docker/build-push-action@v6
uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c # v6
with:
context: .
# Do not "cache-to" here to not overwrite additional layers from the "full" image, which also contains all
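Review bot: The `Free Disk Space` step still runs the local action `./.github/actions/free-disk-space`, which this change does not touch, so anything that action references is not covered by the pinning. Its definition is not visible here; if it calls third-party actions by tag, those should be pinned the same way. A short comment above the step, such as `# Local action; its own action references are pinned by SHA as well`, would record that this was checked. The same step appears in the funTest-docker job of build-and-test.yml.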
6 changes: 3 additions & 3 deletions .github/workflows/release.yml
Expand Up @@ -25,12 +25,12 @@ jobs:
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
uses: actions/checkout@v4
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
with:
ref: ${{ env.ORT_VERSION }}
fetch-depth: 0
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v3
uses: gradle/actions/setup-gradle@dbbdc275be76ac10734476cc723d82dfe7ec6eda # v3
with:
gradle-home-cache-cleanup: true
- name: Publish to OSSRH
Expand All @@ -56,7 +56,7 @@ jobs:
./cli/build/distributions/ort-$ORT_VERSION.{tgz,zip}* \
./helper-cli/build/distributions/orth-$ORT_VERSION.{tgz,zip}*
- name: Attest Build Provenance
uses: actions/attest-build-provenance@v1
uses: actions/attest-build-provenance@5e9cb68e95676991667494a6a4e59b8a2f13e1d0 # v1
with:
subject-path: |
./cli/build/distributions/ort-${{ env.ORT_VERSION }}.tgz
6 changes: 3 additions & 3 deletions .github/workflows/scorecard-analysis.yml
Expand Up @@ -20,16 +20,16 @@ jobs:
id-token: write
steps:
- name: Checkout Repository
uses: actions/checkout@v4
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
with:
persist-credentials: false
- name: Run Analysis
uses: ossf/[email protected]
uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3
with:
results_file: ossf-results.sarif
results_format: sarif
publish_results: true
- name: Upload Code Scanning Results
uses: github/codeql-action/upload-sarif@v3
uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3
with:
sarif_file: ossf-results.sarif
32 changes: 16 additions & 16 deletions .github/workflows/static-analysis.yml
Expand Up @@ -16,20 +16,20 @@ jobs:
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
uses: actions/checkout@v4
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
with:
fetch-depth: 0
- name: Check Commit Messages
uses: wagoid/commitlint-github-action@v6
uses: wagoid/commitlint-github-action@7f0a61df502599e1f1f50880aaa7ec1e2c0592f2 # v6
with:
configFile: .commitlintrc.yml
code-base-checks:
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
uses: actions/checkout@v4
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v3
uses: gradle/actions/setup-gradle@dbbdc275be76ac10734476cc723d82dfe7ec6eda # v3
with:
gradle-home-cache-cleanup: true
- name: Check copyrights, license headers, and .gitattributes
Expand All @@ -41,27 +41,27 @@ jobs:
security-events: write
steps:
- name: Checkout Repository
uses: actions/checkout@v4
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v3
uses: gradle/actions/setup-gradle@dbbdc275be76ac10734476cc723d82dfe7ec6eda # v3
with:
gradle-home-cache-cleanup: true
- name: Check for Detekt Issues
run: ./gradlew detekt
- name: Check for Detekt Issues with type resolution
run: ./gradlew detektMain detektTestFixtures detektTest detektFunTest
- name: Upload SARIF File
uses: github/codeql-action/upload-sarif@v3
uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3
if: always() # Upload even if the previous step failed.
with:
sarif_file: build/reports/detekt/merged.sarif
markdown-links:
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
uses: actions/checkout@v4
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- name: Check Links
uses: gaurav-nelson/github-action-markdown-link-check@v1
uses: gaurav-nelson/github-action-markdown-link-check@5c5dfc0ac2e225883c0e5f03a85311ec2830d368 # v1
with:
base-branch: main
check-modified-files-only: yes
Expand All @@ -71,11 +71,11 @@ jobs:
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
uses: actions/checkout@v4
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
with:
fetch-depth: 0
- name: Setup Node
uses: actions/setup-node@v4
uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4
- name: Check for Markdown issues
run: |
npm install -g [email protected]
Expand All @@ -88,25 +88,25 @@ jobs:
security-events: write
steps:
- name: Checkout Repository
uses: actions/checkout@v4
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
with:
fetch-depth: 0
- name: Qodana Scan
uses: JetBrains/[email protected]
uses: JetBrains/qodana-action@c96b39a84dea25f2a24b38a3f6e89903306d5e2a # v2024.1.8
with:
post-pr-comment: false
use-caches: false
- name: Upload Code Scanning Results
uses: github/codeql-action/upload-sarif@v3
uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3
with:
sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json
reuse-tool:
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
uses: actions/checkout@v4
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- name: Setup Python
uses: actions/setup-python@v5
uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5
with:
python-version: "3.10"
cache: pip
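Review bot: `Setup Node` in the job that checks for Markdown issues is now pinned by SHA but still has no `with:` block, so the Node.js version that runs the following `npm install -g` is presumably whatever the runner image provides rather than something the workflow fixes. Adding `with:` and `node-version: "<major>"` (placeholder) under that step would make it consistent with `Setup Python`, which sets `python-version: "3.10"`. The global npm install in the next step also resolves its transitive packages at run time, so it stays outside what this pinning covers.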
4 changes: 2 additions & 2 deletions .github/workflows/wrapper-validation.yml
Expand Up @@ -13,6 +13,6 @@ jobs:
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
uses: actions/checkout@v4
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- name: Validate Wrapper
uses: gradle/actions/wrapper-validation@v3
uses: gradle/actions/wrapper-validation@dbbdc275be76ac10734476cc723d82dfe7ec6eda # v3