Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/agda-meta-checker.yml
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,7 @@ jobs:

- name: Cache Agda
if: steps.detect.outputs.relevant == 'true'
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
uses: actions/cache@2c8a9bd7457de244a408f35966fab2fb45fda9c8 # v6.0.0
with:
path: |
~/.cabal
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/ghcr-publish.yml
Original file line number Diff line number Diff line change
Expand Up @@ -88,14 +88,14 @@ jobs:
# gh attest verify oci://ghcr.io/${{ github.repository }}:<tag> \
# --repo ${{ github.repository }}
- name: Attest container provenance (minimal image)
uses: actions/attest-build-provenance@e8998f949152b193b063cb0ec769d69d929409be # v2
uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0
with:
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
subject-digest: ${{ steps.push.outputs.min_digest }}
push-to-registry: true

- name: Attest container provenance (full image)
uses: actions/attest-build-provenance@e8998f949152b193b063cb0ec769d69d929409be # v2
uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0
with:
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
subject-digest: ${{ steps.push.outputs.full_digest }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/mvp-smoke.yml
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ jobs:
uses: Swatinem/rust-cache@65012b490220f477f20ab979e35ae732e6de4e68 # v2

- name: Install just
uses: taiki-e/install-action@b8cecb83565409bcc297b2df6e77f030b2a468d5 # v2.82.0
uses: taiki-e/install-action@682e7d9e49c5e653d371fc6adbda67653461378a # v2.82.4
with:
# Governance R1 requires versioned family-tool pins
# (just|must|trust|adjust|bust|dust|intend); bare `tool: just`
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/push-email-notify.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Send push notification email
uses: dawidd6/action-send-mail@6e502825a508b867ab2954ad6343b68787624c01 # pinned
uses: dawidd6/action-send-mail@994f270325d4f7257aff241a35488ef54ba364a4 # pinned
with:
server_address: ${{ secrets.SMTP_HOST }}
server_port: ${{ secrets.SMTP_PORT }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/s4-loop.yml
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ jobs:
- name: Cache Cargo
uses: Swatinem/rust-cache@65012b490220f477f20ab979e35ae732e6de4e68 # v2
- name: Install just
uses: taiki-e/install-action@b8cecb83565409bcc297b2df6e77f030b2a468d5 # v2.82.0
uses: taiki-e/install-action@682e7d9e49c5e653d371fc6adbda67653461378a # v2.82.4
with:
tool: just@1.51.0
- name: Install system dependencies
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/security-scan.yml
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,6 @@ permissions:

jobs:
scan:
uses: hyperpolymath/panic-attack/.github/workflows/scan-and-report.yml@3f7d0bbed133629b62052fd181a84e4e1c774f9a # main 2026-05-20
uses: hyperpolymath/panic-attack/.github/workflows/scan-and-report.yml@1c38f3379a3491504c3ea8bf80c3ddc48a497af7 # main 2026-05-20
secrets:
VERISIMDB_PAT: ${{ secrets.VERISIMDB_PAT }}
Loading