diff --git a/.github/depandabot.yml b/.github/dependabot.yml similarity index 68% rename from .github/depandabot.yml rename to .github/dependabot.yml index 26d29c7..aea4bb4 100644 --- a/.github/depandabot.yml +++ b/.github/dependabot.yml @@ -4,4 +4,6 @@ updates: directory: "/" # Check for updates every Monday schedule: - interval: "weekly" \ No newline at end of file + interval: "weekly" + cooldown: + default-days: 7 diff --git a/.github/workflows/lint-pr.yml b/.github/workflows/lint-pr.yml deleted file mode 100644 index e3dfb58..0000000 --- a/.github/workflows/lint-pr.yml +++ /dev/null @@ -1,20 +0,0 @@ -name: "Lint PR" - -on: - pull_request_target: - types: - - opened - - edited - - synchronize - -permissions: - pull-requests: read - -jobs: - main: - name: Validate PR title - runs-on: ubuntu-latest - steps: - - uses: amannn/action-semantic-pull-request@v5 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/release-plz.yml b/.github/workflows/release-plz.yml index fd51a16..79d20b3 100644 --- a/.github/workflows/release-plz.yml +++ b/.github/workflows/release-plz.yml @@ -16,15 +16,15 @@ jobs: steps: - &checkout name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 persist-credentials: true - &install-rust name: Install Rust toolchain - uses: dtolnay/rust-toolchain@stable + uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # v1 - name: Run release-plz - uses: release-plz/action@v0.5 + uses: release-plz/action@064f4d1e36c843611ddf013be726beaa4ad804db # v0.5.129 with: command: release env: @@ -44,7 +44,7 @@ jobs: - *checkout - *install-rust - name: Run release-plz - uses: release-plz/action@v0.5 + uses: release-plz/action@064f4d1e36c843611ddf013be726beaa4ad804db # v0.5.129 with: command: release-pr env: diff --git a/.github/workflows/rust-compile.yml b/.github/workflows/rust-compile.yml index 0d009f9..5a7ff56 100644 --- a/.github/workflows/rust-compile.yml +++ b/.github/workflows/rust-compile.yml @@ -6,6 +6,8 @@ on: name: Rust +permissions: {} + concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true @@ -21,20 +23,24 @@ jobs: name: Check intra-doc links runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: actions-rust-lang/setup-rust-toolchain@v1 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 + with: + persist-credentials: false + - uses: actions-rust-lang/setup-rust-toolchain@46268bd060767258de96ed93c1251119784f2ab6 # v1.16.1 - run: cargo rustdoc --all-features -- -D warnings -W unreachable-pub format_and_lint: name: Format and Lint runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: actions-rust-lang/setup-rust-toolchain@v1 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 + with: + persist-credentials: false + - uses: actions-rust-lang/setup-rust-toolchain@46268bd060767258de96ed93c1251119784f2ab6 # v1.16.1 with: components: clippy, rustfmt - name: Run rustfmt - uses: actions-rust-lang/rustfmt@v1 + uses: actions-rust-lang/rustfmt@4066006ec54a31931b9b1fddfd38f2fdf2d27143 # v1.1.2 - name: Run clippy run: cargo clippy @@ -44,9 +50,11 @@ jobs: needs: [ format_and_lint ] steps: - name: Checkout source code - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 + with: + persist-credentials: false - name: Install Rust toolchain - uses: actions-rust-lang/setup-rust-toolchain@v1 + uses: actions-rust-lang/setup-rust-toolchain@46268bd060767258de96ed93c1251119784f2ab6 # v1.16.1 with: components: rustfmt - name: Build