From 7bdc62c9db7fe10fc4a20fb0b399ad05372798d7 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 23 Apr 2026 04:28:54 +0000 Subject: [PATCH] chore(deps): pin dependencies --- .devcontainer/Dockerfile | 2 +- .devcontainer/compose.yaml | 6 +++--- .github/workflows/security-check.yml | 2 +- .github/workflows/test.yml | 8 ++++---- Dockerfile | 2 +- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index a79e3649..ca3275e4 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -1,3 +1,3 @@ # Make sure RUBY_VERSION matches the Ruby version in .ruby-version -ARG RUBY_VERSION=3.4.2 +ARG RUBY_VERSION=3.4.2@sha256:3246fd81cd4158523c17b66fe0add0d6be11cf238816a579429ba5db39e8af95 FROM ghcr.io/rails/devcontainer/images/ruby:$RUBY_VERSION diff --git a/.devcontainer/compose.yaml b/.devcontainer/compose.yaml index 9d518d9d..54443ea2 100644 --- a/.devcontainer/compose.yaml +++ b/.devcontainer/compose.yaml @@ -23,17 +23,17 @@ services: - postgres selenium: - image: selenium/standalone-chromium + image: selenium/standalone-chromium@sha256:e80834f17556d310d92f114c38df84a4c09bfa9564d428c770ea122346c0932c restart: unless-stopped redis: - image: redis:7.2 + image: redis:7.2@sha256:37aa82f9fdff30517603b2e2c5376b34b106d353c2b508262260d3bb0d2c21ba restart: unless-stopped volumes: - redis-data:/data postgres: - image: postgres:16.1 + image: postgres:16.1@sha256:09f23e02d76670d3b346a3c00aa33a27cf57aab8341eedfcdaed41459d14f5c4 restart: unless-stopped networks: - default diff --git a/.github/workflows/security-check.yml b/.github/workflows/security-check.yml index 5d101bf5..1762af6a 100644 --- a/.github/workflows/security-check.yml +++ b/.github/workflows/security-check.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4.2.2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup Ruby # Install the version defined in .ruby-version uses: ruby/setup-ruby@v1 diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index c9bc2fbb..9aa8305e 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -12,7 +12,7 @@ jobs: id-token: write # to get access to GitHub autogenerated OIDC token, used by codecov/codecov-action steps: - - uses: actions/checkout@v4.2.2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup Ruby # Install the version defined in .ruby-version uses: ruby/setup-ruby@v1 @@ -62,12 +62,12 @@ jobs: run: bin/rails test:all - name: Upload coverage to Codecov - uses: codecov/codecov-action@v5.4.3 + uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3 with: use_oidc: true - name: Keep screenshots from failed system tests - uses: actions/upload-artifact@v4.6.2 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 if: failure() && steps.tests.conclusion == 'failure' with: name: screenshots @@ -75,7 +75,7 @@ jobs: if-no-files-found: ignore - name: Upload test results to Codecov - uses: codecov/test-results-action@v1.1.1 + uses: codecov/test-results-action@47f89e9acb64b76debcd5ea40642d25a4adced9f # v1.1.1 if: ${{ !cancelled() }} with: use_oidc: true diff --git a/Dockerfile b/Dockerfile index a948dcb7..23885759 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -# syntax = docker/dockerfile:1 +# syntax = docker/dockerfile:1@sha256:2780b5c3bab67f1f76c781860de469442999ed1a0d7992a5efdf2cffc0e3d769 # This Dockerfile is designed for production, not development. Use with Kamal or build'n'run by hand: # docker build -t my-app .