diff --git a/.github/workflows/binance-lev-tier-update.yml b/.github/workflows/binance-lev-tier-update.yml index ba1999fd6..278d85413 100644 --- a/.github/workflows/binance-lev-tier-update.yml +++ b/.github/workflows/binance-lev-tier-update.yml @@ -34,7 +34,7 @@ jobs: run: python build_helpers/binance_update_lev_tiers.py - - uses: peter-evans/create-pull-request@v7 + - uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8 with: token: ${{ secrets.REPO_SCOPED_TOKEN }} add-paths: freqtrade/exchange/binance_leverage_tiers.json diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e45f85481..076f1e999 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -38,7 +38,7 @@ jobs: python-version: ${{ matrix.python-version }} - name: Install uv - uses: astral-sh/setup-uv@v5 + uses: astral-sh/setup-uv@d4b2f3b6ecc6e67c4457f6d3e41ec42d3d0fcb86 # v5.4.2 with: enable-cache: true python-version: ${{ matrix.python-version }} @@ -144,7 +144,7 @@ jobs: mypy freqtrade scripts tests - name: Discord notification - uses: rjstone/discord-webhook-notify@v1 + uses: rjstone/discord-webhook-notify@89b0bf43c2c8514f70d0dcba4a706b904e8a3112 #v1.0.4 if: failure() && ( github.event_name != 'pull_request' || github.event.pull_request.head.repo.fork == false) with: severity: error @@ -170,7 +170,7 @@ jobs: check-latest: true - name: Install uv - uses: astral-sh/setup-uv@v5 + uses: astral-sh/setup-uv@d4b2f3b6ecc6e67c4457f6d3e41ec42d3d0fcb86 # v5.4.2 with: enable-cache: true python-version: ${{ matrix.python-version }} @@ -270,7 +270,7 @@ jobs: mypy freqtrade scripts - name: Discord notification - uses: rjstone/discord-webhook-notify@v1 + uses: rjstone/discord-webhook-notify@89b0bf43c2c8514f70d0dcba4a706b904e8a3112 #v1.0.4 if: failure() && ( github.event_name != 'pull_request' || github.event.pull_request.head.repo.fork == false) with: severity: info @@ -296,7 +296,7 @@ jobs: python-version: ${{ matrix.python-version }} - name: Install uv - uses: astral-sh/setup-uv@v5 + uses: astral-sh/setup-uv@d4b2f3b6ecc6e67c4457f6d3e41ec42d3d0fcb86 # v5.4.2 with: enable-cache: true python-version: ${{ matrix.python-version }} @@ -363,7 +363,7 @@ jobs: shell: powershell - name: Discord notification - uses: rjstone/discord-webhook-notify@v1 + uses: rjstone/discord-webhook-notify@89b0bf43c2c8514f70d0dcba4a706b904e8a3112 #v1.0.4 if: failure() && ( github.event_name != 'pull_request' || github.event.pull_request.head.repo.fork == false) with: severity: error @@ -397,7 +397,7 @@ jobs: - uses: actions/setup-python@v5 with: python-version: "3.12" - - uses: pre-commit/action@v3.0.1 + - uses: pre-commit/action@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd # v3.0.1 docs-check: runs-on: ubuntu-22.04 @@ -421,7 +421,7 @@ jobs: mkdocs build - name: Discord notification - uses: rjstone/discord-webhook-notify@v1 + uses: rjstone/discord-webhook-notify@89b0bf43c2c8514f70d0dcba4a706b904e8a3112 #v1.0.4 if: failure() && ( github.event_name != 'pull_request' || github.event.pull_request.head.repo.fork == false) with: severity: error @@ -443,7 +443,7 @@ jobs: python-version: "3.12" - name: Install uv - uses: astral-sh/setup-uv@v5 + uses: astral-sh/setup-uv@d4b2f3b6ecc6e67c4457f6d3e41ec42d3d0fcb86 # v5.4.2 with: enable-cache: true python-version: "3.12" @@ -501,14 +501,14 @@ jobs: - name: Check user permission id: check - uses: scherermichael-oss/action-has-permission@1.0.6 + uses: scherermichael-oss/action-has-permission@136e061bfe093832d87f090dd768e14e27a740d3 # 1.0.6 with: required-permission: write env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Discord notification - uses: rjstone/discord-webhook-notify@v1 + uses: rjstone/discord-webhook-notify@89b0bf43c2c8514f70d0dcba4a706b904e8a3112 #v1.0.4 if: always() && steps.check.outputs.has-permission && ( github.event_name != 'pull_request' || github.event.pull_request.head.repo.fork == false) with: severity: info @@ -580,7 +580,7 @@ jobs: merge-multiple: true - name: Publish to PyPI (Test) - uses: pypa/gh-action-pypi-publish@v1.12.4 + uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # v1.12.4 with: repository-url: https://test.pypi.org/legacy/ @@ -609,7 +609,7 @@ jobs: merge-multiple: true - name: Publish to PyPI - uses: pypa/gh-action-pypi-publish@v1.12.4 + uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # v1.12.4 deploy-docker: @@ -650,11 +650,11 @@ jobs: docker version -f '{{.Server.Experimental}}' - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0 - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 #v3.10.0 - name: Available platforms run: echo ${PLATFORMS} @@ -703,7 +703,7 @@ jobs: build_helpers/publish_docker_arm64.sh - name: Discord notification - uses: rjstone/discord-webhook-notify@v1 + uses: rjstone/discord-webhook-notify@89b0bf43c2c8514f70d0dcba4a706b904e8a3112 #v1.0.4 if: always() && ( github.event_name != 'pull_request' || github.event.pull_request.head.repo.fork == false) && (github.event_name != 'schedule') with: severity: info diff --git a/.github/workflows/devcontainer-build.yml b/.github/workflows/devcontainer-build.yml index 12b55c6ed..9e49ffed3 100644 --- a/.github/workflows/devcontainer-build.yml +++ b/.github/workflows/devcontainer-build.yml @@ -28,13 +28,13 @@ jobs: with: persist-credentials: false - name: Login to GitHub Container Registry - uses: docker/login-action@v3 + uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Pre-build dev container image - uses: devcontainers/ci@v0.3 + uses: devcontainers/ci@8bf61b26e9c3a98f69cb6ce2f88d24ff59b785c6 # v0.3.19 with: subFolder: .github imageName: ghcr.io/${{ github.repository }}-devcontainer diff --git a/.github/workflows/docker-update-readme.yml b/.github/workflows/docker-update-readme.yml index 7f00c01c0..b34f8c38d 100644 --- a/.github/workflows/docker-update-readme.yml +++ b/.github/workflows/docker-update-readme.yml @@ -16,7 +16,7 @@ jobs: persist-credentials: false - name: Docker Hub Description - uses: peter-evans/dockerhub-description@v4 + uses: peter-evans/dockerhub-description@432a30c9e07499fd01da9f8a49f0faf9e0ca5b77 # v4.0.2 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} diff --git a/.github/workflows/pre-commit-update.yml b/.github/workflows/pre-commit-update.yml index 5996dddf9..8fb8684a6 100644 --- a/.github/workflows/pre-commit-update.yml +++ b/.github/workflows/pre-commit-update.yml @@ -28,7 +28,7 @@ jobs: - name: Run auto-update run: pre-commit autoupdate - - uses: peter-evans/create-pull-request@v7 + - uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8 with: token: ${{ secrets.REPO_SCOPED_TOKEN }} add-paths: .pre-commit-config.yaml diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 25dabd168..55a6f0cea 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -43,7 +43,7 @@ repos: - repo: https://github.com/charliermarsh/ruff-pre-commit # Ruff version. - rev: 'v0.11.5' + rev: 'v0.11.6' hooks: - id: ruff - id: ruff-format @@ -82,6 +82,6 @@ repos: # Ensure github actions remain safe - repo: https://github.com/woodruffw/zizmor-pre-commit - rev: v1.5.2 + rev: v1.6.0 hooks: - id: zizmor