CodeCow/stack
1
0
Fork 0
mirror of https://github.com/stack-auth/stack.git synced 2026-06-04 21:04:37 +08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Pin all GitHub Actions to exact commit hashes (#1448)

Browse Source
This commit is contained in:
Konsti Wohlwend 2026-05-20 11:14:17 -07:00 committed by GitHub
parent 2c620aa208
commit 2e1a0d76e5
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
18 changed files with 107 additions and 107 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
.github/workflows/check-prisma-migrations.yaml vendored
View File

@ -20,20 +20,20 @@ jobs:
node-version: [22.x]
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Setup Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v6
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
with:
node-version: ${{ matrix.node-version }}
- name: Setup pnpm
uses: pnpm/action-setup@v4
uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4
# Even just starting the Docker Compose as a daemon is slow because we have to download and build the images
# so, we run it in the background
- name: Start Docker Compose in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: docker compose -f docker/dependencies/docker.compose.yaml up -d &
# we don't need to wait on anything, just need to start the daemon

46
.github/workflows/db-migration-backwards-compatibility.yaml vendored
View File

@ -19,7 +19,7 @@ jobs:
base_branch: ${{ steps.check-diff.outputs.base_branch }}
steps:
- name: Checkout current branch
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
fetch-depth: 0
@ -60,7 +60,7 @@ jobs:
steps:
# First, checkout the current branch to get its migrations
- name: Checkout current branch
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
path: current-branch
@ -72,7 +72,7 @@ jobs:
# Now checkout base branch (main for dev, dev for all others)
- name: Checkout base branch
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
ref: ${{ needs.check-migrations-changed.outputs.base_branch }}
path: base-branch
@ -85,16 +85,16 @@ jobs:
rm -rf base-branch current-branch
- name: Setup Node.js
uses: actions/setup-node@v6
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
with:
node-version: 22.x
- name: Setup pnpm
uses: pnpm/action-setup@v4
uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4
# Start Docker Compose in the background
- name: Start Docker Compose in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: docker compose -f docker/dependencies/docker.compose.yaml up --pull always -d &
wait-on: /dev/null
@ -160,7 +160,7 @@ jobs:
run: pnpm run db:init
- name: Start stack-backend in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm run start:backend --log-order=stream &
wait-on: |
@ -170,7 +170,7 @@ jobs:
log-output-if: true
- name: Start stack-mcp in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm run start:mcp --log-order=stream &
wait-on: |
@ -180,7 +180,7 @@ jobs:
log-output-if: true
- name: Start stack-dashboard in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm run start:dashboard --log-order=stream &
wait-on: |
@ -190,7 +190,7 @@ jobs:
log-output-if: true
- name: Start mock-oauth-server in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm run start:mock-oauth-server --log-order=stream &
wait-on: |
@ -200,7 +200,7 @@ jobs:
log-output-if: true
- name: Start run-email-queue in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm -C apps/backend run run-email-queue --log-order=stream &
wait-on: |
@ -210,7 +210,7 @@ jobs:
log-output-if: true
- name: Start run-cron-jobs in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
if: ${{ hashFiles('apps/backend/scripts/run-cron-jobs.ts') != '' }}
with:
run: pnpm -C apps/backend run run-cron-jobs:test --log-order=stream &
@ -261,7 +261,7 @@ jobs:
steps:
# First, checkout the base branch to get its migrations
- name: Checkout base branch
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
ref: ${{ needs.check-migrations-changed.outputs.base_branch }}
path: base-branch
@ -273,7 +273,7 @@ jobs:
# Now checkout current branch (new code)
- name: Checkout current branch
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
path: current-branch
@ -292,16 +292,16 @@ jobs:
rm -rf saved-migrations
- name: Setup Node.js
uses: actions/setup-node@v6
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
with:
node-version: 22.x
- name: Setup pnpm
uses: pnpm/action-setup@v4
uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4
# Start Docker Compose in the background
- name: Start Docker Compose in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: docker compose -f docker/dependencies/docker.compose.yaml up --pull always -d &
wait-on: /dev/null
@ -367,7 +367,7 @@ jobs:
run: pnpm run db:init
- name: Start stack-backend in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm run start:backend --log-order=stream &
wait-on: |
@ -377,7 +377,7 @@ jobs:
log-output-if: true
- name: Start stack-mcp in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm run start:mcp --log-order=stream &
wait-on: |
@ -387,7 +387,7 @@ jobs:
log-output-if: true
- name: Start stack-dashboard in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm run start:dashboard --log-order=stream &
wait-on: |
@ -397,7 +397,7 @@ jobs:
log-output-if: true
- name: Start mock-oauth-server in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm run start:mock-oauth-server --log-order=stream &
wait-on: |
@ -407,7 +407,7 @@ jobs:
log-output-if: true
- name: Start run-email-queue in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm -C apps/backend run run-email-queue --log-order=stream &
wait-on: |
@ -417,7 +417,7 @@ jobs:
log-output-if: true
- name: Start run-cron-jobs in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
if: ${{ hashFiles('apps/backend/scripts/run-cron-jobs.ts') != '' }}
with:
run: pnpm -C apps/backend run run-cron-jobs:test --log-order=stream &

12
.github/workflows/docker-server-build-push.yaml vendored
View File

@ -16,11 +16,11 @@ jobs:
runs-on: ubicloud-standard-8
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5
with:
images: ${{ secrets.DOCKER_REPO }}/server
tags: |
@ -30,10 +30,10 @@ jobs:
type=match,pattern=\d.\d.\d
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3
- name: Set push condition
id: push-condition
@ -46,13 +46,13 @@ jobs:
- name: Login to DockerHub
if: steps.push-condition.outputs.should_push == 'true'
uses: docker/login-action@v3
uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Build and push
uses: docker/build-push-action@v6
uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6
with:
context: .
file: ./docker/server/Dockerfile

2
.github/workflows/docker-server-build-run.yaml vendored
View File

@ -15,7 +15,7 @@ jobs:
docker:
runs-on: ubicloud-standard-8
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Setup postgres
run: |

20
.github/workflows/e2e-api-tests-local-emulator.yaml vendored
View File

@ -28,20 +28,20 @@ jobs:
node-version: [22.x]
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Setup Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v6
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
with:
node-version: ${{ matrix.node-version }}
- name: Setup pnpm
uses: pnpm/action-setup@v4
uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4
# Even just starting the Docker Compose as a daemon is slow because we have to download and build the images
# so, we run it in the background
- name: Start Docker Compose in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: docker compose -f docker/dependencies/docker.compose.yaml up --pull always -d &
# we don't need to wait on anything, just need to start the daemon
@ -111,7 +111,7 @@ jobs:
run: pnpm run db:init
- name: Start stack-backend in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm run start:backend --log-order=stream &
wait-on: |
@ -120,7 +120,7 @@ jobs:
wait-for: 30s
log-output-if: true
- name: Start stack-mcp in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm run start:mcp --log-order=stream &
wait-on: |
@ -130,7 +130,7 @@ jobs:
log-output-if: true
- name: Start stack-dashboard in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm run start:dashboard --log-order=stream &
wait-on: |
@ -140,7 +140,7 @@ jobs:
log-output-if: true
- name: Start mock-oauth-server in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm run start:mock-oauth-server --log-order=stream &
wait-on: |
@ -150,7 +150,7 @@ jobs:
log-output-if: true
- name: Start run-email-queue in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm -C apps/backend run run-email-queue --log-order=stream &
wait-on: |
@ -160,7 +160,7 @@ jobs:
log-output-if: true
- name: Start run-cron-jobs in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm -C apps/backend run run-cron-jobs:test --log-order=stream &
wait-on: |

20
.github/workflows/e2e-api-tests.yaml vendored
View File

@ -29,20 +29,20 @@ jobs:
freestyle-mode: [mock, prod]
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Setup Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v6
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
with:
node-version: ${{ matrix.node-version }}
- name: Setup pnpm
uses: pnpm/action-setup@v4
uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4
# Even just starting the Docker Compose as a daemon is slow because we have to download and build the images
# so, we run it in the background
- name: Start Docker Compose in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: docker compose -f docker/dependencies/docker.compose.yaml up --pull always -d &
# we don't need to wait on anything, just need to start the daemon
@ -117,7 +117,7 @@ jobs:
run: pnpm run db:init
- name: Start stack-backend in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm run start:backend --log-order=stream &
wait-on: |
@ -126,7 +126,7 @@ jobs:
wait-for: 30s
log-output-if: true
- name: Start stack-mcp in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm run start:mcp --log-order=stream &
wait-on: |
@ -135,7 +135,7 @@ jobs:
wait-for: 30s
log-output-if: true
- name: Start stack-dashboard in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm run start:dashboard --log-order=stream &
wait-on: |
@ -144,7 +144,7 @@ jobs:
wait-for: 30s
log-output-if: true
- name: Start mock-oauth-server in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm run start:mock-oauth-server --log-order=stream &
wait-on: |
@ -153,7 +153,7 @@ jobs:
wait-for: 30s
log-output-if: true
- name: Start run-email-queue in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm -C apps/backend run run-email-queue --log-order=stream &
wait-on: |
@ -162,7 +162,7 @@ jobs:
wait-for: 30s
log-output-if: true
- name: Start run-cron-jobs in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm -C apps/backend run run-cron-jobs:test --log-order=stream &
wait-on: |

20
.github/workflows/e2e-custom-base-port-api-tests.yaml vendored
View File

@ -27,20 +27,20 @@ jobs:
node-version: [22.x]
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Setup Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v6
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
with:
node-version: ${{ matrix.node-version }}
- name: Setup pnpm
uses: pnpm/action-setup@v4
uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4
# Even just starting the Docker Compose as a daemon is slow because we have to download and build the images
# so, we run it in the background
- name: Start Docker Compose in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: docker compose -f docker/dependencies/docker.compose.yaml up -d &
# we don't need to wait on anything, just need to start the daemon
@ -110,7 +110,7 @@ jobs:
run: pnpm run db:init
- name: Start stack-backend in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm run start:backend --log-order=stream &
wait-on: |
@ -119,7 +119,7 @@ jobs:
wait-for: 30s
log-output-if: true
- name: Start stack-mcp in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm run start:mcp --log-order=stream &
wait-on: |
@ -128,7 +128,7 @@ jobs:
wait-for: 30s
log-output-if: true
- name: Start stack-dashboard in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm run start:dashboard --log-order=stream &
wait-on: |
@ -137,7 +137,7 @@ jobs:
wait-for: 30s
log-output-if: true
- name: Start mock-oauth-server in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm run start:mock-oauth-server --log-order=stream &
wait-on: |
@ -146,7 +146,7 @@ jobs:
wait-for: 30s
log-output-if: true
- name: Start run-email-queue in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm -C apps/backend run run-email-queue --log-order=stream &
wait-on: |
@ -155,7 +155,7 @@ jobs:
wait-for: 30s
log-output-if: true
- name: Start run-cron-jobs in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm -C apps/backend run run-cron-jobs:test --log-order=stream &
wait-on: |

18
.github/workflows/e2e-fallback-tests.yaml vendored
View File

@ -33,18 +33,18 @@ jobs:
node-version: [22.x]
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Setup Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v6
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
with:
node-version: ${{ matrix.node-version }}
- name: Setup pnpm
uses: pnpm/action-setup@v4
uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4
- name: Start Docker Compose in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: docker compose -f docker/dependencies/docker.compose.yaml up --pull always -d &
wait-on: /dev/null
@ -94,7 +94,7 @@ jobs:
# Start backend ONLY on fallback port 8110 — primary port 8102 is intentionally left down
# so the SDK exercises its fallback logic for every request.
- name: Start stack-backend on fallback port (8110)
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm -C apps/backend run with-env:test next start --port 8110 &
wait-on: |
@ -104,7 +104,7 @@ jobs:
log-output-if: true
- name: Start stack-dashboard in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm run start:dashboard --log-order=stream &
wait-on: |
@ -114,7 +114,7 @@ jobs:
log-output-if: true
- name: Start mock-oauth-server in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm run start:mock-oauth-server --log-order=stream &
wait-on: |
@ -124,7 +124,7 @@ jobs:
log-output-if: true
- name: Start run-email-queue in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm -C apps/backend run run-email-queue --log-order=stream &
wait-on: |
@ -134,7 +134,7 @@ jobs:
log-output-if: true
- name: Start run-cron-jobs in background
uses: JarvusInnovations/background-action@v1.0.7
uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm -C apps/backend run run-cron-jobs:test --log-order=stream &
wait-on: |

6
.github/workflows/lint-and-build.yaml vendored
View File

@ -20,15 +20,15 @@ jobs:
node-version: [24]
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Setup Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v6
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
with:
node-version: ${{ matrix.node-version }}
- name: Setup pnpm
uses: pnpm/action-setup@v4
uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4
- name: Install dependencies
run: pnpm install --frozen-lockfile

2
.github/workflows/mirror-to-wdb.yaml vendored
View File

@ -17,7 +17,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Mirror branch
run: |

6
.github/workflows/npm-publish.yaml vendored
View File

@ -18,16 +18,16 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Setup Node.js
uses: actions/setup-node@v6
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
with:
node-version: 'latest'
registry-url: 'https://registry.npmjs.org'
- name: Setup pnpm
uses: pnpm/action-setup@v4
uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4
- name: Install dependencies
run: pnpm install --frozen-lockfile

28
.github/workflows/qemu-emulator-build.yaml vendored
View File

@ -56,22 +56,22 @@ jobs:
runner: ubicloud-standard-8
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Set up QEMU user-mode emulation
uses: docker/setup-qemu-action@v3
uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3
# Node/pnpm are needed on both arches: arm64 also runs
# generate-env-development.mjs inside build-image.sh. amd64 additionally
# builds and runs the CLI for the verification steps below.
- uses: pnpm/action-setup@v4
- uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4
with:
version: 10.23.0
- uses: actions/setup-node@v4
- uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4
with:
node-version: 22
cache: pnpm
@ -92,7 +92,7 @@ jobs:
# only pays the ~5-8 min build cost once per runner image.
- name: Restore QEMU 10.2.2 cache
id: qemu-cache
uses: actions/cache@v4
uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4
with:
path: /opt/qemu
key: qemu-10.2.2-${{ runner.os }}-${{ runner.arch }}-v1
@ -186,7 +186,7 @@ jobs:
ls -lh "stack-emulator-${{ matrix.arch }}.qcow2"
- name: Upload image artifact
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
with:
name: qemu-emulator-${{ matrix.arch }}
path: stack-emulator-${{ matrix.arch }}.qcow2
@ -206,7 +206,7 @@ jobs:
- arch: amd64
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Install system dependencies
run: |
@ -217,7 +217,7 @@ jobs:
- name: Restore QEMU 10.2.2 cache
id: qemu-cache
uses: actions/cache@v4
uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4
with:
path: /opt/qemu
key: qemu-10.2.2-${{ runner.os }}-${{ runner.arch }}-v1
@ -256,11 +256,11 @@ jobs:
echo "WARNING: /dev/kvm is not writable — will fall back to TCG (very slow)"
fi
- uses: pnpm/action-setup@v4
- uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4
with:
version: 10.23.0
- uses: actions/setup-node@v4
- uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4
with:
node-version: 22
cache: pnpm
@ -274,7 +274,7 @@ jobs:
pnpm exec turbo run build --filter='@stackframe/stack-cli...'
- name: Download built image
uses: actions/download-artifact@v4
uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4
with:
name: qemu-emulator-${{ matrix.arch }}
path: ${{ github.workspace }}/.stack-emulator-images/
@ -325,10 +325,10 @@ jobs:
contents: write
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Download all artifacts
uses: actions/download-artifact@v4
uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4
with:
path: artifacts

4
.github/workflows/reviewers-assignees.yml vendored
View File

@ -17,7 +17,7 @@ jobs:
steps:
- name: Add reviewer as assignee
if: ${{ github.event_name == 'pull_request' && github.event.action == 'review_requested' }}
uses: actions/github-script@v7
uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7
with:
script: |
const pr = context.payload.pull_request;
@ -36,7 +36,7 @@ jobs:
- name: Remove reviewer from assignees on review submission
if: ${{ github.event_name == 'pull_request_review' && github.event.action == 'submitted' }}
uses: actions/github-script@v7
uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7
with:
script: |
const pr = context.payload.pull_request;

8
.github/workflows/setup-tests-with-custom-base-port.yaml vendored
View File

@ -24,15 +24,15 @@ jobs:
STACK_EXTERNAL_DB_SYNC_DIRECT: "false"
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Setup Node.js v20
uses: actions/setup-node@v6
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
with:
node-version: 20
- name: Setup pnpm
uses: pnpm/action-setup@v4
uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4
- name: Install packages
run: pnpm install
@ -41,7 +41,7 @@ jobs:
- run: pnpm run codegen
- run: pnpm run start-deps
- uses: JarvusInnovations/background-action@v1.0.7
- uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm run dev &
wait-on: |

8
.github/workflows/setup-tests.yaml vendored
View File

@ -22,15 +22,15 @@ jobs:
STACK_EXTERNAL_DB_SYNC_MAX_DURATION_MS: "20000"
STACK_EXTERNAL_DB_SYNC_DIRECT: "false"
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Setup Node.js v20
uses: actions/setup-node@v6
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
with:
node-version: 20
- name: Setup pnpm
uses: pnpm/action-setup@v4
uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4
- name: Install packages
run: pnpm install
@ -39,7 +39,7 @@ jobs:
- run: pnpm run codegen
- run: pnpm run start-deps
- uses: JarvusInnovations/background-action@v1.0.7
- uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 # v1.0.7
with:
run: pnpm run dev &
wait-on: |

2
.github/workflows/swift-sdk-publish.yaml vendored
View File

@ -17,7 +17,7 @@ jobs:
steps:
- name: Checkout source repo
uses: actions/checkout@v4
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
with:
path: source

2
.github/workflows/sync-main-to-dev.yml vendored
View File

@ -13,7 +13,7 @@ jobs:
steps:
- name: Checkout repository
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
fetch-depth: 0
token: ${{ secrets.GITHUB_TOKEN }}

2
.github/workflows/table-of-contents.yaml vendored
View File

@ -19,7 +19,7 @@ jobs:
contents: write
actions: write
steps:
- uses: technote-space/toc-generator@v4
- uses: technote-space/toc-generator@9e238e7974de5fcf7b17b7acc54c896160dda0a3 # v4
with:
TOC_TITLE: ""
TARGET_PATHS: "README*.md,CONTRIBUTING.md"