From e8236e1a853004fec957e6b22c8a4d75d144d5e0 Mon Sep 17 00:00:00 2001 From: filtered <176114999+webfiltered@users.noreply.github.com> Date: Sat, 7 Jun 2025 21:06:34 -0700 Subject: [PATCH] [chore] Pin third-party GitHub Actions to commit SHAs (#4076) --- .github/workflows/dev-release.yaml | 2 +- .github/workflows/i18n-custom-nodes.yaml | 2 +- .github/workflows/i18n-node-defs.yaml | 2 +- .github/workflows/release.yaml | 4 ++-- .github/workflows/update-electron-types.yaml | 2 +- .github/workflows/update-litegraph.yaml | 2 +- .github/workflows/update-registry-types.yaml | 2 +- .github/workflows/version-bump.yaml | 2 +- 8 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/dev-release.yaml b/.github/workflows/dev-release.yaml index 3e0ff9ffc..177c01df9 100644 --- a/.github/workflows/dev-release.yaml +++ b/.github/workflows/dev-release.yaml @@ -66,7 +66,7 @@ jobs: env: COMFYUI_FRONTEND_VERSION: ${{ format('{0}.dev{1}', needs.build.outputs.version, inputs.devVersion) }} - name: Publish pypi package - uses: pypa/gh-action-pypi-publish@release/v1 + uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc with: password: ${{ secrets.PYPI_TOKEN }} packages-dir: comfyui_frontend_package/dist diff --git a/.github/workflows/i18n-custom-nodes.yaml b/.github/workflows/i18n-custom-nodes.yaml index 5678333ac..8d2c35499 100644 --- a/.github/workflows/i18n-custom-nodes.yaml +++ b/.github/workflows/i18n-custom-nodes.yaml @@ -136,7 +136,7 @@ jobs: git commit -m "Update locales" - name: Install SSH key For PUSH - uses: shimataro/ssh-key-action@v2 + uses: shimataro/ssh-key-action@d4fffb50872869abe2d9a9098a6d9c5aa7d16be4 with: # PR private key from action server key: ${{ secrets.PR_SSH_PRIVATE_KEY }} diff --git a/.github/workflows/i18n-node-defs.yaml b/.github/workflows/i18n-node-defs.yaml index b9c9af6e3..3e672cbd1 100644 --- a/.github/workflows/i18n-node-defs.yaml +++ b/.github/workflows/i18n-node-defs.yaml @@ -33,7 +33,7 @@ jobs: OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} working-directory: ComfyUI_frontend - name: Create Pull Request - uses: peter-evans/create-pull-request@v7 + uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e with: token: ${{ secrets.PR_GH_TOKEN }} commit-message: "Update locales for node definitions" diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 660cc061a..d61ed22de 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -54,7 +54,7 @@ jobs: name: dist-files - name: Create release id: create_release - uses: softprops/action-gh-release@v2 + uses: softprops/action-gh-release@da05d552573ad5aba039eaac05058a918a7bf631 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: @@ -93,7 +93,7 @@ jobs: env: COMFYUI_FRONTEND_VERSION: ${{ needs.build.outputs.version }} - name: Publish pypi package - uses: pypa/gh-action-pypi-publish@release/v1 + uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc with: password: ${{ secrets.PYPI_TOKEN }} packages-dir: comfyui_frontend_package/dist diff --git a/.github/workflows/update-electron-types.yaml b/.github/workflows/update-electron-types.yaml index 3cfd99689..2430cf5e5 100644 --- a/.github/workflows/update-electron-types.yaml +++ b/.github/workflows/update-electron-types.yaml @@ -30,7 +30,7 @@ jobs: echo "NEW_VERSION=$NEW_VERSION" >> $GITHUB_OUTPUT - name: Create Pull Request - uses: peter-evans/create-pull-request@v7 + uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e with: token: ${{ secrets.PR_GH_TOKEN }} commit-message: '[chore] Update electron-types to ${{ steps.get-version.outputs.NEW_VERSION }}' diff --git a/.github/workflows/update-litegraph.yaml b/.github/workflows/update-litegraph.yaml index 367e39589..bc77f3a55 100644 --- a/.github/workflows/update-litegraph.yaml +++ b/.github/workflows/update-litegraph.yaml @@ -29,7 +29,7 @@ jobs: echo "NEW_VERSION=$NEW_VERSION" >> $GITHUB_OUTPUT - name: Create Pull Request - uses: peter-evans/create-pull-request@v7 + uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e with: token: ${{ secrets.PR_GH_TOKEN }} commit-message: '[chore] Update litegraph to ${{ steps.get-version.outputs.NEW_VERSION }}' diff --git a/.github/workflows/update-registry-types.yaml b/.github/workflows/update-registry-types.yaml index e3cbe758b..5382ae1ff 100644 --- a/.github/workflows/update-registry-types.yaml +++ b/.github/workflows/update-registry-types.yaml @@ -75,7 +75,7 @@ jobs: - name: Create Pull Request if: steps.check-changes.outputs.changed == 'true' - uses: peter-evans/create-pull-request@v7 + uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e with: token: ${{ secrets.PR_GH_TOKEN }} commit-message: '[chore] Update Comfy Registry API types from comfy-api@${{ steps.api-info.outputs.commit }}' diff --git a/.github/workflows/version-bump.yaml b/.github/workflows/version-bump.yaml index cf3e29c19..b951fb756 100644 --- a/.github/workflows/version-bump.yaml +++ b/.github/workflows/version-bump.yaml @@ -38,7 +38,7 @@ jobs: echo "NEW_VERSION=$NEW_VERSION" >> $GITHUB_OUTPUT - name: Create Pull Request - uses: peter-evans/create-pull-request@v7 + uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e with: token: ${{ secrets.PR_GH_TOKEN }} commit-message: '[release] Bump version to ${{ steps.bump-version.outputs.NEW_VERSION }}'