From 7ff668d7c91d6afae506f8ec6bf13341b0fd2649 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 20 Jun 2026 02:22:06 +0000 Subject: [PATCH] fix(deps): pin dependencies --- .github/workflows/codeql-analysis.yml | 8 ++++---- .github/workflows/conventional-commit-pr-title.yml | 2 +- .github/workflows/dist.yml | 4 ++-- .github/workflows/release-please.yml | 6 +++--- .github/workflows/test.yml | 8 ++++---- .github/workflows/update-dependencies.yml | 2 +- package-lock.json | 3 +-- package.json | 2 +- 8 files changed, 17 insertions(+), 18 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 600c45b5..c60f234e 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -40,11 +40,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.3 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v4 + uses: github/codeql-action/init@v4.36.2 with: config-file: ./.github/codeql/codeql-config-${{ matrix.language }}.yml languages: ${{ matrix.language }} @@ -52,7 +52,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v4 + uses: github/codeql-action/autobuild@v4.36.2 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -66,4 +66,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v4 + uses: github/codeql-action/analyze@v4.36.2 diff --git a/.github/workflows/conventional-commit-pr-title.yml b/.github/workflows/conventional-commit-pr-title.yml index 1bd683f9..cf0b994c 100644 --- a/.github/workflows/conventional-commit-pr-title.yml +++ b/.github/workflows/conventional-commit-pr-title.yml @@ -14,6 +14,6 @@ jobs: permissions: pull-requests: read steps: - - uses: amannn/action-semantic-pull-request@v6 + - uses: amannn/action-semantic-pull-request@v6.1.1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/dist.yml b/.github/workflows/dist.yml index 0a8ebff5..ccbd90d6 100644 --- a/.github/workflows/dist.yml +++ b/.github/workflows/dist.yml @@ -7,11 +7,11 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v6.0.3 with: token: ${{ secrets.DEVEX_BOT_TOKEN }} - name: Setup node 24 - uses: actions/setup-node@v6 + uses: actions/setup-node@v6.4.0 with: node-version: 24.11.1 diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index 4526f8e6..a0c74cb5 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -9,14 +9,14 @@ jobs: release-please-release: runs-on: ubuntu-latest steps: - - uses: google-github-actions/release-please-action@v3 + - uses: google-github-actions/release-please-action@v3.7.13 id: release with: package-name: ${{env.ACTION_NAME}} release-type: node token: ${{ github.token }} command: github-release - - uses: actions/checkout@v6 + - uses: actions/checkout@v6.0.3 - name: tag major and minor versions if: ${{ steps.release.outputs.release_created }} run: | @@ -36,7 +36,7 @@ jobs: - release-please-release steps: - id: release-pr - uses: google-github-actions/release-please-action@v3 + uses: google-github-actions/release-please-action@v3.7.13 with: token: ${{ secrets.DEVEX_BOT_TOKEN }} release-type: node diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index e011a139..9c66b24a 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -44,15 +44,15 @@ jobs: statuses: write checks: write steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v6.0.3 - name: Install Octopus CLI 🐙 - uses: OctopusDeploy/install-octopus-cli-action@v1 + uses: OctopusDeploy/install-octopus-cli-action@v1.2.1 with: version: '*' - name: Setup node 24 - uses: actions/setup-node@v6 + uses: actions/setup-node@v6.4.0 with: node-version: 24.11.1 @@ -66,7 +66,7 @@ jobs: run: npm run all - name: Test Report - uses: dorny/test-reporter@v1 + uses: dorny/test-reporter@v1.9.1 if: success() || failure() with: name: JEST Tests diff --git a/.github/workflows/update-dependencies.yml b/.github/workflows/update-dependencies.yml index ca29c62a..a2760ca2 100644 --- a/.github/workflows/update-dependencies.yml +++ b/.github/workflows/update-dependencies.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.3 - name: Self-hosted Renovate uses: renovatebot/github-action@e23f4d9675532445118c886434f5a34292b630b4 # v46.0.2 diff --git a/package-lock.json b/package-lock.json index 78d1965c..a90711de 100644 --- a/package-lock.json +++ b/package-lock.json @@ -11,7 +11,7 @@ "dependencies": { "@actions/core": "3.0.1", "@octopusdeploy/api-client": "3.11.0", - "axios": "^1.17.0", + "axios": "1.17.0", "glob": "8.1.0" }, "devDependencies": { @@ -3054,7 +3054,6 @@ "version": "1.17.0", "resolved": "https://registry.npmjs.org/axios/-/axios-1.17.0.tgz", "integrity": "sha512-J8SwNxprqqpbfenehxWYXE7CW+wM1BB4w3+N+g+/Wx40xM4rsLrfPmHHxSWIxJLYDgSY/HqlFPIYb2/S3rxafw==", - "license": "MIT", "dependencies": { "follow-redirects": "^1.16.0", "form-data": "^4.0.5", diff --git a/package.json b/package.json index d3be1315..f04f190e 100644 --- a/package.json +++ b/package.json @@ -6,7 +6,7 @@ "dependencies": { "@actions/core": "3.0.1", "@octopusdeploy/api-client": "3.11.0", - "axios": "^1.17.0", + "axios": "1.17.0", "glob": "8.1.0" }, "description": "GitHub Action to Push a Package to Octopus Deploy",