From cd1b7bd346a477900859de8d58eca74ff5719e74 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 17 Mar 2026 17:18:01 +0000 Subject: [PATCH] chore(deps): pin dependencies --- .devcontainer/Dockerfile | 2 +- .devcontainer/compose.yaml | 6 +++--- .github/workflows/security-check.yml | 2 +- .github/workflows/test.yml | 8 ++++---- Dockerfile | 2 +- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index a79e3649..1a376e58 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -1,3 +1,3 @@ # Make sure RUBY_VERSION matches the Ruby version in .ruby-version -ARG RUBY_VERSION=3.4.2 +ARG RUBY_VERSION=3.4.2@sha256:d3e8ee0a845de0ae100c9615335e404370d71838a39a3c71912407f95559755e FROM ghcr.io/rails/devcontainer/images/ruby:$RUBY_VERSION diff --git a/.devcontainer/compose.yaml b/.devcontainer/compose.yaml index 9d518d9d..713d5c70 100644 --- a/.devcontainer/compose.yaml +++ b/.devcontainer/compose.yaml @@ -23,17 +23,17 @@ services: - postgres selenium: - image: selenium/standalone-chromium + image: selenium/standalone-chromium@sha256:36474a4c56765ec3d04dc4cbac57a021e0d88e89fdb5dca297a50f1100279c1a restart: unless-stopped redis: - image: redis:7.2 + image: redis:7.2@sha256:b265edbf010b4d590d4e46e8265aa2f719b9f76354c18b6bf3100cac41ab1b31 restart: unless-stopped volumes: - redis-data:/data postgres: - image: postgres:16.1 + image: postgres:16.1@sha256:09f23e02d76670d3b346a3c00aa33a27cf57aab8341eedfcdaed41459d14f5c4 restart: unless-stopped networks: - default diff --git a/.github/workflows/security-check.yml b/.github/workflows/security-check.yml index 5d101bf5..1762af6a 100644 --- a/.github/workflows/security-check.yml +++ b/.github/workflows/security-check.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4.2.2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup Ruby # Install the version defined in .ruby-version uses: ruby/setup-ruby@v1 diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index c9bc2fbb..9aa8305e 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -12,7 +12,7 @@ jobs: id-token: write # to get access to GitHub autogenerated OIDC token, used by codecov/codecov-action steps: - - uses: actions/checkout@v4.2.2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup Ruby # Install the version defined in .ruby-version uses: ruby/setup-ruby@v1 @@ -62,12 +62,12 @@ jobs: run: bin/rails test:all - name: Upload coverage to Codecov - uses: codecov/codecov-action@v5.4.3 + uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3 with: use_oidc: true - name: Keep screenshots from failed system tests - uses: actions/upload-artifact@v4.6.2 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 if: failure() && steps.tests.conclusion == 'failure' with: name: screenshots @@ -75,7 +75,7 @@ jobs: if-no-files-found: ignore - name: Upload test results to Codecov - uses: codecov/test-results-action@v1.1.1 + uses: codecov/test-results-action@47f89e9acb64b76debcd5ea40642d25a4adced9f # v1.1.1 if: ${{ !cancelled() }} with: use_oidc: true diff --git a/Dockerfile b/Dockerfile index a948dcb7..88a62e4f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -# syntax = docker/dockerfile:1 +# syntax = docker/dockerfile:1@sha256:4a43a54dd1fedceb30ba47e76cfcf2b47304f4161c0caeac2db1c61804ea3c91 # This Dockerfile is designed for production, not development. Use with Kamal or build'n'run by hand: # docker build -t my-app .