Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 5 additions & 4 deletions .github/workflows/check-license.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,19 +2,20 @@ name: License Header Check

on:
pull_request:
branches:
- develop
push:
branches:
- develop

permissions:
contents: read

jobs:
check-license-header:
name: Check License Header
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8

I'm seeing 8e8c483db84b4bee98b60c0593521ed34d9990e8 for v6

Ref: https://github.com/actions/checkout/releases/tag/v6

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, I think that one had just released. I grabbed the version we're using in all of the other projects. That's part of why we want the explicit pins, beyond the security safety net they provide. Will did a recent blog about "cooldown" periods a couple weeks back.

Dependabot should be keeping things inline going forward.


- uses: apache/skywalking-eyes/header@main
- uses: apache/skywalking-eyes/header@b7f8b351c2db8005972712d7efc0a15484a15bcb
with:
mode: check
14 changes: 7 additions & 7 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
@@ -1,14 +1,14 @@
name: CI

on:
pull_request:
push:
branches:
- develop
- main

pull_request:
branches:
- develop
permissions:
contents: read

jobs:
ci:
Expand All @@ -20,19 +20,19 @@ jobs:

steps:
- name: Checkout Repository
uses: actions/checkout@v6
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3

- name: Set up JDK 17
uses: actions/setup-java@v5
uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165
with:
java-version: 17
distribution: 'corretto'

- name: Setup Gradle
uses: gradle/actions/setup-gradle@v5
uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2

- name: Install uv and set the Python version
uses: astral-sh/setup-uv@v7
uses: astral-sh/setup-uv@1e862dfacbd1d6d858c55d9b792c756523627244
with:
python-version: ${{ matrix.python-version }}
activate-environment: true
Expand Down
11 changes: 9 additions & 2 deletions .github/workflows/update-gradle-wrapper.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,14 +7,21 @@ on:
# Run at midnight (UTC) every wednesday
- cron: "0 0 * * 3"

permissions:
contents: read

jobs:
update-gradle-wrapper:
runs-on: ubuntu-latest

permissions:
# allow job to open a pull request with changes
pull-requests: write

steps:
- uses: actions/checkout@v6
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3

- name: Update Gradle Wrapper
uses: gradle-update/update-gradle-wrapper-action@v2
uses: gradle-update/update-gradle-wrapper-action@512b1875f3b6270828abfe77b247d5895a2da1e5
with:
paths: codegen/**
Loading