(datafusion) branch main updated: Pin github actions to commit sha (#16964)

Wed, 30 Jul 2025 09:22:27 -0700 

This is an automated email from the ASF dual-hosted git repository.

alamb pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/datafusion.git


The following commit(s) were added to refs/heads/main by this push:
     new 9b27952303 Pin github actions to commit sha (#16964)
9b27952303 is described below

commit 9b27952303d38f9991475e9feb1d81ccac9d4f65
Author: GPK <gopidesupa...@gmail.com>
AuthorDate: Wed Jul 30 17:22:16 2025 +0100

    Pin github actions to commit sha (#16964)
    
    Co-authored-by: Andrew Lamb <and...@nerdnetworks.org>
---
 .github/workflows/audit.yml               |  2 +-
 .github/workflows/dependencies.yml        |  2 +-
 .github/workflows/dev.yml                 |  8 ++---
 .github/workflows/docs.yaml               |  6 ++--
 .github/workflows/docs_pr.yaml            |  4 +--
 .github/workflows/extended.yml            | 12 +++----
 .github/workflows/labeler.yml             |  4 +--
 .github/workflows/large_files.yml         |  2 +-
 .github/workflows/pr_comment_commands.yml |  4 +--
 .github/workflows/rust.yml                | 60 +++++++++++++++----------------
 .github/workflows/stale.yml               |  2 +-
 11 files changed, 53 insertions(+), 53 deletions(-)

diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml
index 491fa27c2a..3ced19674f 100644
--- a/.github/workflows/audit.yml
+++ b/.github/workflows/audit.yml
@@ -38,7 +38,7 @@ jobs:
   security_audit:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
       - name: Install cargo-audit
         run: cargo install cargo-audit
       - name: Run audit check
diff --git a/.github/workflows/dependencies.yml 
b/.github/workflows/dependencies.yml
index a577725fed..925fe1510b 100644
--- a/.github/workflows/dependencies.yml
+++ b/.github/workflows/dependencies.yml
@@ -41,7 +41,7 @@ jobs:
     container:
       image: amd64/rust
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
         with:
           submodules: true
           fetch-depth: 1
diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml
index aa4bd862e0..6833916cb8 100644
--- a/.github/workflows/dev.yml
+++ b/.github/workflows/dev.yml
@@ -27,15 +27,15 @@ jobs:
     runs-on: ubuntu-latest
     name: Check License Header
     steps:
-      - uses: actions/checkout@v4
-      - uses: korandoru/hawkeye@v6
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
+      - uses: korandoru/hawkeye@cdc68d9c8ace500aefcd8f4dd39b915cd06305dd  # 
v6.1.1
 
   prettier:
     name: Use prettier to check formatting of documents
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
+      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020  # 
v4.4.0
         with:
           node-version: "20"
       - name: Prettier check
diff --git a/.github/workflows/docs.yaml b/.github/workflows/docs.yaml
index 5f1b2c1395..7a0d7cd1a3 100644
--- a/.github/workflows/docs.yaml
+++ b/.github/workflows/docs.yaml
@@ -32,16 +32,16 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout docs sources
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
 
       - name: Checkout asf-site branch
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
         with:
           ref: asf-site
           path: asf-site
 
       - name: Setup Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065  # 
v5.6.0
         with:
           python-version: "3.12"
 
diff --git a/.github/workflows/docs_pr.yaml b/.github/workflows/docs_pr.yaml
index 8d11cdf9d3..e78a62ec40 100644
--- a/.github/workflows/docs_pr.yaml
+++ b/.github/workflows/docs_pr.yaml
@@ -40,12 +40,12 @@ jobs:
     name: Test doc build
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
         with:
           submodules: true
           fetch-depth: 1
       - name: Setup Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065  # 
v5.6.0
         with:
           python-version: "3.12"
       - name: Install doc dependencies
diff --git a/.github/workflows/extended.yml b/.github/workflows/extended.yml
index fb97fbac97..d53405afda 100644
--- a/.github/workflows/extended.yml
+++ b/.github/workflows/extended.yml
@@ -56,7 +56,7 @@ jobs:
     runs-on: ubuntu-latest
     # note: do not use amd/rust container to preserve disk space
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
         with:
           ref: ${{ github.event.inputs.pr_head_sha }} # will be empty if 
triggered by push
           submodules: true
@@ -80,13 +80,13 @@ jobs:
     runs-on: ubuntu-latest
     # note: do not use amd/rust container to preserve disk space
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
         with:
           ref: ${{ github.event.inputs.pr_head_sha }} # will be empty if 
triggered by push
           submodules: true
           fetch-depth: 1
       - name: Free Disk Space (Ubuntu)
-        uses: 
jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be
+        uses: 
jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be  # v1.3.1
       - name: Install Rust
         run: |
           curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- 
-y
@@ -124,7 +124,7 @@ jobs:
     container:
       image: amd64/rust
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
         with:
           ref: ${{ github.event.inputs.pr_head_sha }} # will be empty if 
triggered by push
           submodules: true
@@ -145,7 +145,7 @@ jobs:
     container:
       image: amd64/rust
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
         with:
           ref: ${{ github.event.inputs.pr_head_sha }} # will be empty if 
triggered by push
           submodules: true
@@ -177,7 +177,7 @@ jobs:
           fi
 
       - name: Update check run
-        uses: actions/github-script@v7
+        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea  
# v7.0.1
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           script: |
diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml
index 8b251552d3..72a806dd06 100644
--- a/.github/workflows/labeler.yml
+++ b/.github/workflows/labeler.yml
@@ -39,14 +39,14 @@ jobs:
       contents: read
       pull-requests: write
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
 
       - name: Assign GitHub labels
         if: |
           github.event_name == 'pull_request_target' &&
             (github.event.action == 'opened' ||
              github.event.action == 'synchronize')
-        uses: actions/labeler@v5.0.0
+        uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9  # 
v5.0.0
         with:
           repo-token: ${{ secrets.GITHUB_TOKEN }}
           configuration-path: .github/workflows/labeler/labeler-config.yml
diff --git a/.github/workflows/large_files.yml 
b/.github/workflows/large_files.yml
index aa96d55a0d..4a0d4ae86c 100644
--- a/.github/workflows/large_files.yml
+++ b/.github/workflows/large_files.yml
@@ -28,7 +28,7 @@ jobs:
   check-files:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
         with:
           fetch-depth: 0
       - name: Check size of new Git objects
diff --git a/.github/workflows/pr_comment_commands.yml 
b/.github/workflows/pr_comment_commands.yml
index 6aa6caaf34..3bec5fcf9b 100644
--- a/.github/workflows/pr_comment_commands.yml
+++ b/.github/workflows/pr_comment_commands.yml
@@ -34,7 +34,7 @@ jobs:
     if: ${{ github.event_name == 'issue_comment' && 
github.event.issue.pull_request && contains(github.event.comment.body, 'Run 
extended tests') }}
     steps:
       - name: Dispatch extended tests for a PR branch with comment
-        uses: actions/github-script@v7
+        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea  
# v7.0.1
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           script: |
@@ -78,7 +78,7 @@ jobs:
             });
 
       - name: Add reaction to comment
-        uses: actions/github-script@v7
+        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea  
# v7.0.1
         with:
           script: |
             await github.rest.reactions.createForIssueComment({
diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml
index eacec0abee..07fe9ede7c 100644
--- a/.github/workflows/rust.yml
+++ b/.github/workflows/rust.yml
@@ -46,13 +46,13 @@ jobs:
     container:
       image: amd64/rust
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
       - name: Setup Rust toolchain
         uses: ./.github/actions/setup-builder
         with:
           rust-version: stable
       - name: Rust Dependency Cache
-        uses: Swatinem/rust-cache@v2
+        uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0  # 
v2.8.0
         with:
           shared-key: "amd-ci-check" # this job uses it's own cache becase 
check has a separate cache and we need it to be fast as it blocks other jobs
           save-if: ${{ github.ref_name == 'main' }}
@@ -74,7 +74,7 @@ jobs:
     container:
       image: amd64/rust
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
       - name: Setup Rust toolchain
         uses: ./.github/actions/setup-builder
         with:
@@ -99,13 +99,13 @@ jobs:
     container:
       image: amd64/rust
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
       - name: Setup Rust toolchain
         uses: ./.github/actions/setup-builder
         with:
           rust-version: stable
       - name: Rust Dependency Cache
-        uses: Swatinem/rust-cache@v2
+        uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0  # 
v2.8.0
         with:
           save-if: false # set in linux-test
           shared-key: "amd-ci"
@@ -136,7 +136,7 @@ jobs:
     container:
       image: amd64/rust
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
       - name: Setup Rust toolchain
         uses: ./.github/actions/setup-builder
         with:
@@ -167,13 +167,13 @@ jobs:
     container:
       image: amd64/rust
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
       - name: Setup Rust toolchain
         uses: ./.github/actions/setup-builder
         with:
           rust-version: stable
       - name: Rust Dependency Cache
-        uses: Swatinem/rust-cache@v2
+        uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0  # 
v2.8.0
         with:
           save-if: false # set in linux-test
           shared-key: "amd-ci"
@@ -232,7 +232,7 @@ jobs:
     container:
       image: amd64/rust
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
       - name: Setup Rust toolchain
         uses: ./.github/actions/setup-builder
         with:
@@ -267,7 +267,7 @@ jobs:
     container:
       image: amd64/rust
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
         with:
           submodules: true
           fetch-depth: 1
@@ -276,7 +276,7 @@ jobs:
         with:
           rust-version: stable
       - name: Rust Dependency Cache
-        uses: Swatinem/rust-cache@v2
+        uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0  # 
v2.8.0
         with:
          save-if: ${{ github.ref_name == 'main' }}
          shared-key: "amd-ci"
@@ -308,7 +308,7 @@ jobs:
     # container:
     #  image: amd64/rust
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
         with:
           submodules: true
           fetch-depth: 1
@@ -334,7 +334,7 @@ jobs:
     container:
       image: amd64/rust
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
         with:
           submodules: true
           fetch-depth: 1
@@ -343,7 +343,7 @@ jobs:
         with:
           rust-version: stable
       - name: Rust Dependency Cache
-        uses: Swatinem/rust-cache@v2
+        uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0  # 
v2.8.0
         with:
           save-if: ${{ github.ref_name == 'main' }}
           shared-key: "amd-ci-linux-test-example"
@@ -364,7 +364,7 @@ jobs:
     container:
       image: amd64/rust
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
         with:
           submodules: true
           fetch-depth: 1
@@ -385,7 +385,7 @@ jobs:
     container:
       image: amd64/rust
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
       - name: Setup Rust toolchain
         uses: ./.github/actions/setup-builder
         with:
@@ -397,7 +397,7 @@ jobs:
     name: build and run with wasm-pack
     runs-on: ubuntu-24.04
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
       - name: Setup for wasm32
         run: |
           rustup target add wasm32-unknown-unknown
@@ -422,7 +422,7 @@ jobs:
     container:
       image: amd64/rust
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
         with:
           submodules: true
           fetch-depth: 1
@@ -469,7 +469,7 @@ jobs:
           --health-timeout 5s
           --health-retries 5
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
         with:
           submodules: true
           fetch-depth: 1
@@ -493,7 +493,7 @@ jobs:
     container:
       image: amd64/rust
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
         with:
           submodules: true
           fetch-depth: 1
@@ -547,7 +547,7 @@ jobs:
     name: cargo test (macos-aarch64)
     runs-on: macos-14
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
         with:
           submodules: true
           fetch-depth: 1
@@ -564,7 +564,7 @@ jobs:
     container:
       image: amd64/rust:bullseye # Use the bullseye tag image which comes with 
python3.9
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
         with:
           submodules: true
           fetch-depth: 1
@@ -587,7 +587,7 @@ jobs:
     container:
       image: amd64/rust
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
       - name: Setup Rust toolchain
         uses: ./.github/actions/setup-builder
         with:
@@ -604,7 +604,7 @@ jobs:
     container:
       image: amd64/rust
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
       - name: Setup Rust toolchain
         uses: ./.github/actions/setup-builder
         with:
@@ -663,7 +663,7 @@ jobs:
     container:
       image: amd64/rust
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
         with:
           submodules: true
           fetch-depth: 1
@@ -674,7 +674,7 @@ jobs:
       - name: Install Clippy
         run: rustup component add clippy
       - name: Rust Dependency Cache
-        uses: Swatinem/rust-cache@v2
+        uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0  # 
v2.8.0
         with:
           save-if: ${{ github.ref_name == 'main' }}
           shared-key: "amd-ci-clippy"
@@ -688,7 +688,7 @@ jobs:
     container:
       image: amd64/rust
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
         with:
           submodules: true
           fetch-depth: 1
@@ -709,7 +709,7 @@ jobs:
     container:
       image: amd64/rust
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
         with:
           submodules: true
           fetch-depth: 1
@@ -717,7 +717,7 @@ jobs:
         uses: ./.github/actions/setup-builder
         with:
           rust-version: stable
-      - uses: actions/setup-node@v4
+      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020  # 
v4.4.0
         with:
           node-version: "20"
       - name: Check if configs.md has been modified
@@ -742,7 +742,7 @@ jobs:
     container:
       image: amd64/rust
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # 
v4.2.2
       - name: Setup Rust toolchain
         uses: ./.github/actions/setup-builder
       - name: Install cargo-msrv
diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
index 2312526824..fd0af731d4 100644
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -27,7 +27,7 @@ jobs:
       issues: write
       pull-requests: write
     steps:
-      - uses: actions/stale@v9
+      - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639  # v9.1.0
         with:
           stale-pr-message: "Thank you for your contribution. Unfortunately, 
this pull request is stale because it has been open 60 days with no activity. 
Please remove the stale label or comment or this will be closed in 7 days."
           days-before-pr-stale: 60


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@datafusion.apache.org
For additional commands, e-mail: commits-h...@datafusion.apache.org

Reply via email to