diff --git a/.github/workflows/changed-packages.yml b/.github/workflows/changed-packages.yml index 5d4d8d050fc..23c03122c7f 100644 --- a/.github/workflows/changed-packages.yml +++ b/.github/workflows/changed-packages.yml @@ -20,7 +20,7 @@ jobs: changes: ${{ steps.changes.outputs.changes }} steps: - name: Check out repository - uses: actions/checkout@v3.3.0 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: fetch-depth: 2 - name: Check if branch is out of date @@ -29,7 +29,7 @@ jobs: git fetch origin main --depth 1 && git merge-base --is-ancestor origin/main @; - name: Detect changed packages - uses: dorny/paths-filter@v2.11.1 + uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # v2.11.1 id: changes with: filters: | diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a38a2c84bef..b3c25682570 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -21,11 +21,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out repository - uses: actions/checkout@v3.3.0 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: fetch-depth: 2 - name: Set up Node.js - uses: actions/setup-node@v3.5.1 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 with: cache: npm node-version: lts/* @@ -34,7 +34,7 @@ jobs: env: PUPPETEER_SKIP_DOWNLOAD: true # Set up GitHub Actions caching for Wireit. - - uses: google/wireit@setup-github-actions-caching/v1 + - uses: google/wireit@f3a3c79c553122e2fe5829eeac7d815326502903 # setup-github-actions-caching/v1 - name: Check code run: npm run check - name: Lint code @@ -75,9 +75,9 @@ jobs: contents: write steps: - name: Check out repository - uses: actions/checkout@v3.3.0 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - name: Set up Node.js - uses: actions/setup-node@v3.5.1 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 with: cache: npm node-version: lts/* @@ -90,7 +90,7 @@ jobs: NODE_OPTIONS: --max-old-space-size=6144 run: npm run build - name: Deploy to GitHub Pages - uses: peaceiris/actions-gh-pages@v3 + uses: peaceiris/actions-gh-pages@373f7f263a76c20808c831209c920827a82a2847 # v3.9.3 with: github_token: ${{ secrets.GITHUB_TOKEN }} publish_dir: ./website/build @@ -138,9 +138,9 @@ jobs: suite: chrome-headful steps: - name: Check out repository - uses: actions/checkout@v3.3.0 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - name: Set up Node.js - uses: actions/setup-node@v3.5.1 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 with: cache: npm node-version: lts/* @@ -152,7 +152,7 @@ jobs: run: npm run build --workspace @puppeteer-test/test - name: Setup cache for Chrome binary if: ${{ matrix.suite != 'chrome-bidi' }} - uses: actions/cache@v3 + uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1 with: path: ~/.cache/puppeteer/chrome key: ${{ runner.os }}-Chrome-${{ hashFiles('packages/puppeteer-core/src/revisions.ts') }}-${{ hashFiles('packages/puppeteer/src/node/install.ts') }} @@ -161,7 +161,7 @@ jobs: run: npm run postinstall - name: Setup cache for Chrome Canary binary if: ${{ matrix.suite == 'chrome-bidi' }} - uses: actions/cache@v3 + uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1 with: path: ~/.cache/puppeteer/chrome-canary key: ${{ runner.os }}-Chrome-Canary-${{ hashFiles('package.json') }} @@ -184,7 +184,7 @@ jobs: run: xvfb-run --auto-servernum npm run test -- --test-suite ${{ matrix.suite }} --save-stats-to /tmp/artifacts/${{ github.event_name }}_INSERTID.json env: PUPPETEER_EXECUTABLE_PATH: ${{ steps.browser.outputs.executablePath }} - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 if: always() with: name: test-results @@ -223,9 +223,9 @@ jobs: suite: firefox-headless steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - name: Set up Node.js - uses: actions/setup-node@v3.5.1 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 with: cache: npm node-version: lts/* @@ -236,7 +236,7 @@ jobs: - name: Build packages run: npm run build --workspace @puppeteer-test/test - name: Setup cache for Firefox binary - uses: actions/cache@v3 + uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1 with: path: ~/.cache/puppeteer/firefox key: ${{ runner.os }}-firefox-${{ hashFiles('packages/puppeteer-core/src/revisions.ts') }}-${{ hashFiles('packages/puppeteer/src/node/install.ts') }} @@ -255,7 +255,7 @@ jobs: - name: Run all tests (for Linux) if: ${{ matrix.os == 'ubuntu-latest' }} run: xvfb-run --auto-servernum npm run test -- --test-suite ${{ matrix.suite }} --save-stats-to /tmp/artifacts/${{ github.event_name }}_INSERTID.json - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 if: always() with: name: test-results @@ -278,9 +278,9 @@ jobs: if: ${{ !startsWith(github.ref_name, 'release-please') && contains(fromJSON(needs.check-changes.outputs.changes), 'puppeteer') }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - name: Set up Node.js - uses: actions/setup-node@v3.5.1 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 with: cache: npm node-version: lts/* @@ -293,7 +293,7 @@ jobs: - name: Pack installation test run: npm pack --workspace @puppeteer-test/installation - name: Upload installation test - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: installation-test path: puppeteer-test-installation-latest.tgz @@ -316,13 +316,13 @@ jobs: - npm steps: - name: Download installation test - uses: actions/download-artifact@v3 + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: installation-test - name: Unpack installation test run: tar -xf puppeteer-test-installation-latest.tgz --strip-components 1 -C . - name: Set up Node.js - uses: actions/setup-node@v3.5.1 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 with: node-version: ${{ matrix.node }} - name: Set up ${{ matrix.pkg_manager }} @@ -356,11 +356,11 @@ jobs: if: ${{ contains(fromJSON(needs.check-changes.outputs.changes), 'puppeteer') }} steps: - name: Check out repository - uses: actions/checkout@v3.3.0 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: fetch-depth: 2 - name: Set up Node.js - uses: actions/setup-node@v3.5.1 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 with: cache: npm node-version: lts/* @@ -388,9 +388,9 @@ jobs: if: ${{ contains(fromJSON(needs.check-changes.outputs.changes), 'ng-schematics') }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - name: Set up Node.js - uses: actions/setup-node@v3.5.1 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 with: cache: npm node-version: lts/* @@ -415,9 +415,9 @@ jobs: - macos-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - name: Set up Node.js - uses: actions/setup-node@v3.5.1 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 with: cache: npm node-version: lts/* diff --git a/.github/workflows/devtools.yml b/.github/workflows/devtools.yml index 186a9ded766..39ae0666ea5 100644 --- a/.github/workflows/devtools.yml +++ b/.github/workflows/devtools.yml @@ -18,9 +18,9 @@ jobs: if: contains(github.event.label.name, 'devtools') steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - name: Set up Node.js - uses: actions/setup-node@v3.5.1 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 with: cache: npm node-version: lts/* @@ -39,7 +39,7 @@ jobs: npm pack --workspace puppeteer-core npm pack --workspace puppeteer - name: Upload Puppeteer build - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: puppeteer-build if-no-files-found: error @@ -51,13 +51,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Download Puppeteer build - uses: actions/download-artifact@v3 + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: puppeteer-build - name: Set up Node.js - uses: actions/setup-node@v3.5.1 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 with: - node-version: 18 + node-version: lts/* - name: Checkout depot_tools run: git clone https://chromium.googlesource.com/chromium/tools/depot_tools.git - name: Add depot_tools to path diff --git a/.github/workflows/issue-analyzer.yml b/.github/workflows/issue-analyzer.yml index 63aa23c5819..5883df79c89 100644 --- a/.github/workflows/issue-analyzer.yml +++ b/.github/workflows/issue-analyzer.yml @@ -26,7 +26,7 @@ jobs: issues: write steps: - name: Remove labels - uses: actions/github-script@v6 + uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6.4.1 with: script: | if (${{ contains(github.event.issue.labels.*.name, 'not-reproducible') }}) { @@ -54,9 +54,9 @@ jobs: }) } - name: Check out repository - uses: actions/checkout@v3.0.2 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - name: Set up Node.js - uses: actions/setup-node@v3.5.1 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 with: node-version: lts/* - name: Install dependencies @@ -64,7 +64,7 @@ jobs: - name: Analyze issue id: issue-analysis run: echo $ISSUE_BODY | ./tools/analyze_issue.mjs >> $GITHUB_OUTPUT - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: issue-files path: out/ @@ -79,12 +79,12 @@ jobs: PACKAGE_MANAGER: ${{ needs.analyze-issue.outputs.packageManager }} NODE_VERSION: ${{ needs.analyze-issue.outputs.nodeVersion }} steps: - - uses: actions/download-artifact@v3 + - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: issue-files path: '.' - name: Set up Node.js - uses: actions/setup-node@v3.5.1 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 with: node-version: ${{ env.NODE_VERSION }} - name: Enable corepack @@ -102,7 +102,7 @@ jobs: run: ${{ env.PACKAGE_MANAGER }} run verify env: DEBUG: 'puppeteer:*' - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 if: success() || failure() with: name: runtime-output @@ -120,7 +120,7 @@ jobs: issues: write steps: - name: Add labels - uses: actions/github-script@v6 + uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6.4.1 with: script: | github.rest.issues.addLabels({ @@ -130,13 +130,13 @@ jobs: labels: ["confirmed"] }) - name: Find Comment Id - uses: peter-evans/find-comment@v2 + uses: peter-evans/find-comment@a54c31d7fa095754bfef525c0c8e5e5674c4b4b1 # v2.4.0 id: find-comment-id with: issue-number: ${{ github.event.issue.number }} comment-author: 'github-actions[bot]' - name: Upsert comment - uses: peter-evans/create-or-update-comment@v2 + uses: peter-evans/create-or-update-comment@ca08ebd5dc95aa0cd97021e9708fcd6b87138c9b # v3.0.1 with: comment-id: ${{ steps.find-comment-id.outputs.comment-id }} issue-number: ${{ github.event.issue.number }} @@ -157,7 +157,7 @@ jobs: issues: write steps: - name: Add labels - uses: actions/github-script@v6 + uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6.4.1 with: script: | github.rest.issues.addLabels({ @@ -167,13 +167,13 @@ jobs: labels: ["invalid"] }) - name: Find Comment Id - uses: peter-evans/find-comment@v2 + uses: peter-evans/find-comment@a54c31d7fa095754bfef525c0c8e5e5674c4b4b1 # v2.4.0 id: find-comment-id with: issue-number: ${{ github.event.issue.number }} comment-author: 'github-actions[bot]' - name: Upsert comment - uses: peter-evans/create-or-update-comment@v2 + uses: peter-evans/create-or-update-comment@ca08ebd5dc95aa0cd97021e9708fcd6b87138c9b # v3.0.1 with: comment-id: ${{ steps.find-comment-id.outputs.comment-id }} issue-number: ${{ github.event.issue.number }} @@ -193,7 +193,7 @@ jobs: issues: write steps: - name: Add labels - uses: actions/github-script@v6 + uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6.4.1 with: script: | github.rest.issues.addLabels({ @@ -203,13 +203,13 @@ jobs: labels: ["not-reproducible", "needs-feedback"] }) - name: Find Comment Id - uses: peter-evans/find-comment@v2 + uses: peter-evans/find-comment@a54c31d7fa095754bfef525c0c8e5e5674c4b4b1 # v2.4.0 id: find-comment-id with: issue-number: ${{ github.event.issue.number }} comment-author: 'github-actions[bot]' - name: Upsert comment - uses: peter-evans/create-or-update-comment@v2 + uses: peter-evans/create-or-update-comment@ca08ebd5dc95aa0cd97021e9708fcd6b87138c9b # v3.0.1 with: comment-id: ${{ steps.find-comment-id.outputs.comment-id }} issue-number: ${{ github.event.issue.number }} diff --git a/.github/workflows/pre-release.yml b/.github/workflows/pre-release.yml index 88a4a179908..0861ee198ff 100644 --- a/.github/workflows/pre-release.yml +++ b/.github/workflows/pre-release.yml @@ -21,7 +21,7 @@ jobs: contents: write steps: - name: Check out repository - uses: actions/checkout@v3.3.0 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: ssh-key: ${{ secrets.SSH_PRIVATE_KEY }} - name: Install dependencies diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index cd30f498e28..04a2ed06a97 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -16,7 +16,7 @@ jobs: contents: read steps: - name: Check out repository - uses: actions/checkout@v3.0.2 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - name: Install dependencies run: npm ci env: @@ -51,7 +51,7 @@ jobs: IMAGE_NAME: ${{ github.repository }} steps: - name: Check out repository - uses: actions/checkout@v3.0.2 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - name: Install dependencies run: npm ci env: @@ -62,21 +62,21 @@ jobs: run: docker/pack.sh # Based on https://docs.github.com/en/actions/publishing-packages/publishing-docker-images. - name: Log in to the Container registry - uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a + uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Extract metadata (tags, labels) for Docker id: meta - uses: docker/metadata-action@57396166ad8aefe6098280995947635806a0e6ea + uses: docker/metadata-action@c4ee3adeed93b1fa6a762f209fb01608c1a22f1e # v4.4.0 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} tags: | latest type=match,pattern=puppeteer-v(\d+\.\d+\.\d+),group=1 - name: Build and push the Docker image - uses: docker/build-push-action@c84f38281176d4c9cdb1626ffafcd6b3911b5d94 + uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671 # v4.0.0 with: context: ./docker push: true diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml index 9976a85b804..bf0fee07ce3 100644 --- a/.github/workflows/scorecards-analysis.yml +++ b/.github/workflows/scorecards-analysis.yml @@ -25,12 +25,12 @@ jobs: steps: - name: Check out repository - uses: actions/checkout@v3.0.2 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: persist-credentials: false - name: 'Run analysis' - uses: ossf/scorecard-action@99c53751e09b9529366343771cc321ec74e9bd3d # v1.0.2 + uses: ossf/scorecard-action@80e868c13c90f172d68d1f4501dee99e2479f7af # v2.1.3 with: results_file: results.sarif results_format: sarif @@ -41,7 +41,7 @@ jobs: # Upload the results as artifacts (optional). - name: 'Upload artifact' - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v2.3.1 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: SARIF file path: results.sarif @@ -49,6 +49,6 @@ jobs: # Upload the results to GitHub’s code scanning dashboard. - name: 'Upload to code-scanning' - uses: github/codeql-action/upload-sarif@6a38b7d4a1af70deb1b561eb77db2b5e5a6a1e69 # v1.0.26 + uses: github/codeql-action/upload-sarif@1245696032ecf7d39f87d54daa406e22ddf769a8 # v2.13.4 with: sarif_file: results.sarif diff --git a/.github/workflows/update-browser-pins.yml b/.github/workflows/update-browser-pins.yml index b6148111d8a..79f045441cd 100644 --- a/.github/workflows/update-browser-pins.yml +++ b/.github/workflows/update-browser-pins.yml @@ -13,13 +13,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out repository - uses: actions/checkout@v3.3.0 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - name: Set up Node.js - uses: actions/setup-node@v3.5.1 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 with: cache: npm node-version: lts/* - - uses: google/wireit@setup-github-actions-caching/v1 + - uses: google/wireit@f3a3c79c553122e2fe5829eeac7d815326502903 # setup-github-actions-caching/v1 - name: Install npm dependencies run: npm ci - name: Build Puppeteer @@ -33,7 +33,7 @@ jobs: - name: Update package-lock.json run: npm install --ignore-scripts - name: Create Pull Request - uses: peter-evans/create-pull-request@v5 + uses: peter-evans/create-pull-request@284f54f989303d2699d373481a0cfa13ad5a6666 # v5.0.1 with: token: ${{ secrets.BROWSER_AUTOMATION_BOT_TOKEN }} branch: browser-automation-bot/update-browser-version diff --git a/.vscode/extensions.json b/.vscode/extensions.json index 9c681f0665a..4084e393e9e 100644 --- a/.vscode/extensions.json +++ b/.vscode/extensions.json @@ -1,3 +1,3 @@ { - "recommendations": ["google.wireit"] + "recommendations": ["google.wireit", "GitHub.vscode-github-actions"] }