Merge pull request #729 from Iterable/MOB-8396-isrr-515

jyu115 · web-flow · commit 20a9821e7653 · 2024-05-01T16:23:03.000-04:00
[MOB-8396] address git action commit hash vulnerability and update to latest
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -10,13 +10,13 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
       - name: Validate Gradle Wrapper
-        uses: gradle/wrapper-validation-action@v1
+        uses: gradle/wrapper-validation-action@216d1ad2b3710bf005dc39237337b9673fd8fcd5 # v3.3.2
 
       - name: Configure JDK
-        uses: actions/setup-java@v1
+        uses: actions/setup-java@d202f5dbf7256730fb690ec59f6381650114feb2 # v1.4.3
         with:
           java-version: 11
 
@@ -33,23 +33,23 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
       - name: Validate Gradle Wrapper
-        uses: gradle/wrapper-validation-action@v1
+        uses: gradle/wrapper-validation-action@216d1ad2b3710bf005dc39237337b9673fd8fcd5 # v3.3.2
 
       - name: Configure JDK
-        uses: actions/setup-java@v1
+        uses: actions/setup-java@d202f5dbf7256730fb690ec59f6381650114feb2 # v1.4.3
         with:
-            java-version: 11
+          java-version: 11
 
       - run: touch local.properties
 
       - name: Test
         run: ./gradlew :iterableapi:jacocoTestDebugUnitTestReport :app:jacocoDebugTestReport
 
       - name: Upload coverage data
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
         with:
           name: unit-tests
           path: |
@@ -58,29 +58,29 @@ jobs:
 
   instrumentation-tests:
     name: Instrumentation tests
-    runs-on: macos-latest
+    runs-on: macos-12
     steps:
       - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
       - name: Validate Gradle Wrapper
-        uses: gradle/wrapper-validation-action@v1
+        uses: gradle/wrapper-validation-action@216d1ad2b3710bf005dc39237337b9673fd8fcd5 # v3.3.2
 
       - name: Configure JDK
-        uses: actions/setup-java@v1
+        uses: actions/setup-java@d202f5dbf7256730fb690ec59f6381650114feb2 # v1.4.3
         with:
-            java-version: 11
+          java-version: 11
 
       - run: touch local.properties
 
       - name: Test
-        uses: reactivecircus/android-emulator-runner@v2
+        uses: reactivecircus/android-emulator-runner@6b0df4b0efb23bb0ec63d881db79aefbc976e4b2 # v2.30.1
         with:
           api-level: 28
           script: ./gradlew :iterableapi:connectedCheck :app:jacocoDebugAndroidTestReport
 
       - name: Upload coverage data
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
         with:
           name: instrumentation-tests
           path: |
@@ -95,10 +95,12 @@ jobs:
       JACOCO_SOURCE_PATH: "iterableapi/src/main/java iterableapi-ui/src/main/java"
     steps:
       - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        with:
+          fetch-depth: 0
 
       - name: Configure JDK
-        uses: actions/setup-java@v1
+        uses: actions/setup-java@d202f5dbf7256730fb690ec59f6381650114feb2 # v1.4.3
         with:
           java-version: 11
 
@@ -107,12 +109,12 @@ jobs:
       - run: ./cc-test-reporter before-build
 
       - name: Download unit tests coverage
-        uses: actions/download-artifact@v2
+        uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
         with:
           name: unit-tests
 
       - name: Download instrumentation tests coverage
-        uses: actions/download-artifact@v2
+        uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
         with:
           name: instrumentation-tests
 
@@ -123,4 +125,4 @@ jobs:
       - run: ./cc-test-reporter format-coverage app/build/reports/jacoco/jacocoDebugAndroidTestReport/jacocoDebugAndroidTestReport.xml --input-type jacoco -d
       - run: ./cc-test-reporter upload-coverage
         env:
-          CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }}
+          CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }}
diff --git a/.github/workflows/jira.yml b/.github/workflows/jira.yml
@@ -10,15 +10,15 @@ jobs:
     name: Create Jira Issue
     steps:
       - name: Login
-        uses: atlassian/gajira-login@v3
+        uses: atlassian/gajira-login@ca13f8850ea309cf44a6e4e0c49d9aa48ac3ca4c # v3
         env:
           JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
           JIRA_USER_EMAIL: ${{ secrets.JIRA_ILYA_USER_EMAIL }}
           JIRA_API_TOKEN: ${{ secrets.JIRA_ILYA_API_TOKEN }}
 
       - name: Create
         id: create
-        uses: atlassian/gajira-create@v3
+        uses: atlassian/gajira-create@1ff0b6bd115a780592b47bfbb63fc4629132e6ec # v3
         with:
           project: MOB
           issuetype: Bug
