88 - cron : ' 30 10 * * *'
99 workflow_dispatch :
1010
11+ permissions :
12+ contents : read
13+
1114jobs :
1215
1316 build :
@@ -130,7 +133,7 @@ jobs:
130133
131134 steps :
132135 - name : Sync Repository
133- uses : actions/checkout@v4
136+ uses : actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
134137 with :
135138 submodules : recursive
136139
@@ -180,7 +183,7 @@ jobs:
180183
181184name : Install Python ${{ matrix.python }}
182185 if : matrix.python != 'None'
183- uses : actions/setup-python@v5
186+ uses : actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
184187 with :
185188 python-version : ${{ matrix.python }}
186189 architecture : ${{ matrix.architecture }}
@@ -322,48 +325,48 @@ jobs:
322325
323326 - name : Upload Installed Package
324327 if : matrix.python != 'None'
325- uses : actions/upload-artifact@v4
328+ uses : actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
326329 with :
327330 name : MaterialX_${{ matrix.name }}
328331 path : build/installed/
329332
330333 - name : Upload Formatted Source
331334 if : matrix.clang_format == 'ON'
332- uses : actions/upload-artifact@v4
335+ uses : actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
333336 with :
334337 name : MaterialX_ClangFormat
335338 path : source
336339
337340 - name : Upload Reference Shaders
338- uses : actions/upload-artifact@v4
341+ uses : actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
339342 if : matrix.upload_shaders == 'ON'
340343 with :
341344 name : MaterialX_ReferenceShaders
342345 path : build/bin/reference/
343346
344347 - name : Upload Renders
345- uses : actions/upload-artifact@v4
348+ uses : actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
346349 if : matrix.test_render == 'ON'
347350 with :
348351 name : Renders_${{ matrix.name }}
349352 path : build/render/*.png
350353
351354 - name : Upload Resources (MacOS)
352- uses : actions/upload-artifact@v4
355+ uses : actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
353356 if : matrix.test_render == 'ON' && runner.os == 'macOS'
354357 with :
355358 name : Resources_${{ matrix.name }}
356359 path : build/bin/resources
357360
358361 - name : Upload Coverage Report
359- uses : actions/upload-artifact@v4
362+ uses : actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
360363 if : matrix.coverage_analysis == 'ON'
361364 with :
362365 name : MaterialX_Coverage
363366 path : build/coverage
364367
365368 - name : Upload Perfetto Traces
366- uses : actions/upload-artifact@v4
369+ uses : actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
367370 if : matrix.extended_build_perfetto == 'ON' && env.IS_EXTENDED_BUILD == 'true'
368371 with :
369372 name : Traces_${{ matrix.name }}
@@ -376,7 +379,7 @@ jobs:
376379
377380 steps :
378381 - name : Sync Repository
379- uses : actions/checkout@v4
382+ uses : actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
380383
381384 - name : Install Emscripten
382385 run : |
@@ -388,7 +391,7 @@ jobs:
388391 echo "EMSDK=$EMSDK" >> $GITHUB_ENV
389392
390393name : Install Node
391- uses : actions/setup-node@v4
394+ uses : actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4
392395 with :
393396 node-version : ' 22.16.0'
394397
@@ -420,7 +423,7 @@ jobs:
420423 single-commit : true
421424
422425 - name : Upload JavaScript Package
423- uses : actions/upload-artifact@v4
426+ uses : actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
424427 with :
425428 name : MaterialX_JavaScript
426429 path : javascript/build/installed/JavaScript/MaterialX
@@ -434,10 +437,10 @@ jobs:
434437
435438 steps :
436439 - name : Sync Repository
437- uses : actions/checkout@v4
440+ uses : actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
438441
439442 - name : Install Python
440- uses : actions/setup-python@v5
443+ uses : actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
441444 with :
442445 python-version : 3.11
443446
@@ -449,7 +452,7 @@ jobs:
449452 echo "filename=$(ls dist)" >> "$GITHUB_OUTPUT"
450453
451454name : Upload SDist
452- uses : actions/upload-artifact@v4
455+ uses : actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
453456 with :
454457 name : MaterialX_Python_SDist
455458 path : dist/*.tar.gz
@@ -467,25 +470,25 @@ jobs:
467470
468471 steps :
469472 - name : Sync Repository
470- uses : actions/checkout@v4
473+ uses : actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
471474
472475 - name : Install Python 3.${{ matrix.python-minor }}
473- uses : actions/setup-python@v5
476+ uses : actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
474477 with :
475478 python-version : 3.${{ matrix.python-minor }}
476479
477480 - name : Download Sdist
478- uses : actions/download-artifact@v4
481+ uses : actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4
479482 with :
480483 name : MaterialX_Python_SDist
481484 path : sdist
482485
483486 - name : Install Doxygen (Windows)
484- uses : ssciwr/doxygen-install@v1
487+ uses : ssciwr/doxygen-install@f13be1686235deee0aeb6cdf56640170691dc96b # v1
485488 if : runner.os == 'Windows'
486489
487490 - name : Build Wheel
488- uses : pypa/cibuildwheel@v2.23.2
491+ uses : pypa/cibuildwheel@6a41245b42fcb325223b8793746f10456ed07436 # v2.23.2
489492 with :
490493 package-dir : ${{ github.workspace }}/sdist/${{ needs.sdist.outputs.sdist_filename }}
491494 env :
@@ -509,7 +512,7 @@ jobs:
509512working-directory : python
510513
511514 - name : Upload Wheel
512- uses : actions/upload-artifact@v4
515+ uses : actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
513516 with :
514517 name : MaterialX_Python_Wheel_${{ runner.os }}_3_${{ matrix.python-minor }}
515518 path : wheelhouse/*.whl
0 commit comments