diff --git a/.github/workflows/build-common.yml b/.github/workflows/build-common.yml index f934a32773..8680d24c36 100644 --- a/.github/workflows/build-common.yml +++ b/.github/workflows/build-common.yml @@ -16,16 +16,16 @@ jobs: spotless: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up JDK for running Gradle - uses: actions/setup-java@v5 + uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5 with: distribution: temurin java-version: 21 - name: Setup Gradle - uses: gradle/actions/setup-gradle@v6 + uses: gradle/actions/setup-gradle@39e147cb9de83bb9910b8ef8bd7fff0ee20fcd6f # v6 - name: Spotless run: ./gradlew spotlessCheck ${{ inputs.no-build-cache && '--no-build-cache' || '' }} @@ -33,17 +33,17 @@ jobs: gradle-wrapper-validation: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - - uses: gradle/actions/wrapper-validation@v6 + - uses: gradle/actions/wrapper-validation@39e147cb9de83bb9910b8ef8bd7fff0ee20fcd6f # v6 license-check: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up JDK for running Gradle - uses: actions/setup-java@v5 + uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5 with: distribution: temurin java-version: 21 @@ -53,7 +53,7 @@ jobs: run: ./.github/scripts/build-azure-monitor-dependency.sh - name: Setup Gradle - uses: gradle/actions/setup-gradle@v6 + uses: gradle/actions/setup-gradle@39e147cb9de83bb9910b8ef8bd7fff0ee20fcd6f # v6 - name: Generate license report run: | @@ -84,10 +84,10 @@ jobs: - name: Support long paths run: git config --system core.longpaths true - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up JDK for running Gradle - uses: actions/setup-java@v5 + uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5 with: distribution: temurin java-version: 21 @@ -98,10 +98,10 @@ jobs: run: ./.github/scripts/build-azure-monitor-dependency.sh - name: Setup Gradle - uses: gradle/actions/setup-gradle@v6 + uses: gradle/actions/setup-gradle@39e147cb9de83bb9910b8ef8bd7fff0ee20fcd6f # v6 - name: Add MSBuild to PATH - uses: microsoft/setup-msbuild@v3 + uses: microsoft/setup-msbuild@30375c66a4eea26614e0d39710365f22f8b0af57 # v3 - name: Setup Visual Studio and Windows SDK environment shell: cmd @@ -120,7 +120,7 @@ jobs: ${{ inputs.no-build-cache && '--no-build-cache' || '' }} - name: Upload snapshot - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7 with: path: agent/agent/build/libs/applicationinsights-agent-*-SNAPSHOT.jar @@ -147,17 +147,17 @@ jobs: run: git config --system core.longpaths true if: matrix.os == 'windows-2022' - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - id: setup-test-java name: Set up JDK ${{ matrix.test-java-version }}-${{ matrix.vm }} for running tests - uses: actions/setup-java@v5 + uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5 with: distribution: ${{ matrix.vm == 'hotspot' && 'temurin' || 'adopt-openj9'}} java-version: ${{ matrix.test-java-version }} - name: Set up JDK for running Gradle - uses: actions/setup-java@v5 + uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5 with: distribution: temurin java-version: 21 @@ -168,7 +168,7 @@ jobs: run: ./.github/scripts/build-azure-monitor-dependency.sh - name: Setup Gradle - uses: gradle/actions/setup-gradle@v6 + uses: gradle/actions/setup-gradle@39e147cb9de83bb9910b8ef8bd7fff0ee20fcd6f # v6 - name: Test # spotless is checked separately since it's a common source of failure @@ -187,7 +187,7 @@ jobs: outputs: matrix: ${{ steps.set-matrix.outputs.matrix }} steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - id: set-matrix run: | @@ -226,10 +226,10 @@ jobs: matrix: ${{fromJson(needs.setup-smoke-test-matrix.outputs.matrix)}} fail-fast: false steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up Java 21 - uses: actions/setup-java@v5 + uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5 with: distribution: temurin java-version: 21 @@ -239,7 +239,7 @@ jobs: run: ./.github/scripts/build-azure-monitor-dependency.sh - name: Setup Gradle - uses: gradle/actions/setup-gradle@v6 + uses: gradle/actions/setup-gradle@39e147cb9de83bb9910b8ef8bd7fff0ee20fcd6f # v6 - name: Test run: ./gradlew ${{ matrix.module }}:smokeTest --tests "${{ matrix.test_class }}*" @@ -254,7 +254,7 @@ jobs: echo "UPLOAD_ARTIFACT_NAME=$artifact_name" >> $GITHUB_ENV - name: Upload smoke test reports - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7 if: failure() with: name: ${{ env.UPLOAD_ARTIFACT_NAME }} diff --git a/.github/workflows/codeql-daily.yml b/.github/workflows/codeql-daily.yml index c73a50146a..ff3309a9f0 100644 --- a/.github/workflows/codeql-daily.yml +++ b/.github/workflows/codeql-daily.yml @@ -18,19 +18,19 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up Java 21 - uses: actions/setup-java@v5 + uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5 with: distribution: temurin java-version: 21 - name: Setup Gradle - uses: gradle/actions/setup-gradle@v6 + uses: gradle/actions/setup-gradle@39e147cb9de83bb9910b8ef8bd7fff0ee20fcd6f # v6 - name: Initialize CodeQL - uses: github/codeql-action/init@v4 + uses: github/codeql-action/init@38697555549f1db7851b81482ff19f1fa5c4fedc # v4 with: languages: java @@ -39,7 +39,7 @@ jobs: run: ./gradlew assemble --no-build-cache - name: Perform CodeQL analysis - uses: github/codeql-action/analyze@v4 + uses: github/codeql-action/analyze@38697555549f1db7851b81482ff19f1fa5c4fedc # v4 with: category: java @@ -52,16 +52,16 @@ jobs: runs-on: windows-2022 steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up Java 21 (required for JNI compilation) - uses: actions/setup-java@v5 + uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5 with: distribution: temurin java-version: 21 - name: Setup Visual Studio Build Tools - uses: microsoft/setup-msbuild@v3 + uses: microsoft/setup-msbuild@30375c66a4eea26614e0d39710365f22f8b0af57 # v3 # This step uses Microsoft's vswhere tool to verify that the official Windows 10 SDK (version 19041) is installed. # vswhere is a Microsoft-provided command-line utility that locates Visual Studio installations and their components. @@ -71,10 +71,10 @@ jobs: shell: pwsh - name: Setup Gradle - uses: gradle/actions/setup-gradle@v6 + uses: gradle/actions/setup-gradle@39e147cb9de83bb9910b8ef8bd7fff0ee20fcd6f # v6 - name: Initialize CodeQL - uses: github/codeql-action/init@v4 + uses: github/codeql-action/init@38697555549f1db7851b81482ff19f1fa5c4fedc # v4 with: languages: cpp debug: true @@ -118,7 +118,7 @@ jobs: ) - name: Perform CodeQL analysis - uses: github/codeql-action/analyze@v4 + uses: github/codeql-action/analyze@38697555549f1db7851b81482ff19f1fa5c4fedc # v4 with: category: cpp diff --git a/.github/workflows/copilot-setup-steps.yml b/.github/workflows/copilot-setup-steps.yml index 572abd4792..7ed02753cd 100644 --- a/.github/workflows/copilot-setup-steps.yml +++ b/.github/workflows/copilot-setup-steps.yml @@ -25,16 +25,16 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up JDK for running Gradle - uses: actions/setup-java@v5 + uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5 with: distribution: temurin java-version: 21 - name: Setup Gradle - uses: gradle/actions/setup-gradle@v6 + uses: gradle/actions/setup-gradle@39e147cb9de83bb9910b8ef8bd7fff0ee20fcd6f # v6 - name: Populate Gradle caches run: ./gradlew classes testClasses assemble spotlessApply diff --git a/.github/workflows/owasp-dependency-check-daily.yml b/.github/workflows/owasp-dependency-check-daily.yml index 2f8947cd31..77c2c4a0f4 100644 --- a/.github/workflows/owasp-dependency-check-daily.yml +++ b/.github/workflows/owasp-dependency-check-daily.yml @@ -11,16 +11,16 @@ jobs: analyze: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up Java 21 - uses: actions/setup-java@v5 + uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5 with: distribution: temurin java-version: 21 - name: Setup Gradle - uses: gradle/actions/setup-gradle@v6 + uses: gradle/actions/setup-gradle@39e147cb9de83bb9910b8ef8bd7fff0ee20fcd6f # v6 - run: ./gradlew :agent:agent:dependencyCheckAnalyze env: @@ -28,7 +28,7 @@ jobs: - name: Upload report if: always() - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7 with: path: agent/agent/build/reports diff --git a/.github/workflows/perf-test_daily.yml b/.github/workflows/perf-test_daily.yml index d11b06a6f5..2498308477 100644 --- a/.github/workflows/perf-test_daily.yml +++ b/.github/workflows/perf-test_daily.yml @@ -10,16 +10,16 @@ jobs: assemble-application-insights: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up JDK for running Gradle - uses: actions/setup-java@v5 + uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5 with: distribution: temurin java-version: 21 - name: Setup Gradle - uses: gradle/actions/setup-gradle@v6 + uses: gradle/actions/setup-gradle@39e147cb9de83bb9910b8ef8bd7fff0ee20fcd6f # v6 - name: Build Application Insights Java agent run: ./gradlew assemble @@ -30,7 +30,7 @@ jobs: - name: Run perf test env: PERF_TEST_URL_PATTERN: ${{ secrets.PERF_TEST_URL_PATTERN }} - uses: gradle/gradle-build-action@v3 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3 with: build-root-directory: ./perf-tests arguments: test diff --git a/.github/workflows/pull-request-helper.yml b/.github/workflows/pull-request-helper.yml index 23a921f876..d9c99aefad 100644 --- a/.github/workflows/pull-request-helper.yml +++ b/.github/workflows/pull-request-helper.yml @@ -10,7 +10,7 @@ jobs: if: github.event.pull_request.user.login == 'dependabot[bot]' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: # this is the personal access token used for "git push" below # which is needed in order to trigger workflows @@ -24,7 +24,7 @@ jobs: gh pr checkout $NUMBER - name: Setup Gradle - uses: gradle/actions/setup-gradle@v6 + uses: gradle/actions/setup-gradle@39e147cb9de83bb9910b8ef8bd7fff0ee20fcd6f # v6 with: cache-read-only: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 59b9e83ef8..d1a93eb089 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -9,7 +9,7 @@ jobs: outputs: version: ${{ steps.create-github-release.outputs.version }} steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set environment variables run: | diff --git a/.github/workflows/reusable-create-docs-pull-request.yml b/.github/workflows/reusable-create-docs-pull-request.yml index b4831748e1..1a2a64b28d 100644 --- a/.github/workflows/reusable-create-docs-pull-request.yml +++ b/.github/workflows/reusable-create-docs-pull-request.yml @@ -32,7 +32,7 @@ jobs: gh repo sync xiang17/azure-monitor-docs-pr \ --source MicrosoftDocs/azure-monitor-docs-pr - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: repository: xiang17/azure-monitor-docs-pr # this is the personal access token used for "git push" below diff --git a/.github/workflows/reusable-create-version-bump-pull-request.yml b/.github/workflows/reusable-create-version-bump-pull-request.yml index 44abada40a..826910e477 100644 --- a/.github/workflows/reusable-create-version-bump-pull-request.yml +++ b/.github/workflows/reusable-create-version-bump-pull-request.yml @@ -17,7 +17,7 @@ jobs: bump-version: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set environment variables env: diff --git a/.github/workflows/reusable-scheduled-job-notification.yml b/.github/workflows/reusable-scheduled-job-notification.yml index 062c7d9b70..b398c17496 100644 --- a/.github/workflows/reusable-scheduled-job-notification.yml +++ b/.github/workflows/reusable-scheduled-job-notification.yml @@ -13,7 +13,7 @@ jobs: issues: write runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Open issue or add comment if issue already open env: