From c11076ee947371573bb82b9523512a25ac779589 Mon Sep 17 00:00:00 2001
From: Ludy
Date: Fri, 10 Jan 2025 12:25:23 +0100
Subject: [PATCH] Fix: Pinned-Dependencies sync_files.yml (#2660)
# Description
https://github.com/Stirling-Tools/Stirling-PDF/security/code-scanning/58
## Checklist
- [x] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have performed a self-review of my own code
- [ ] I have attached images of the change if it is UI based
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] If my code has heavily changed functionality I have updated relevant docs on [Stirling-PDFs doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
- [ ] My changes generate no new warnings
- [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only)
---
 .github/scripts/requirements_sync_readme.in | 1 +
 .github/scripts/requirements_sync_readme.txt | 10 ++++++++++
 .github/workflows/sync_files.yml | 2 +-
 .pre-commit-config.yaml | 2 +-
 4 files changed, 13 insertions(+), 2 deletions(-)
 create mode 100644 .github/scripts/requirements_sync_readme.in
 create mode 100644 .github/scripts/requirements_sync_readme.txt
diff --git a/.github/scripts/requirements_sync_readme.in b/.github/scripts/requirements_sync_readme.in
new file mode 100644
index 00000000..8141b831
--- /dev/null
+++ b/.github/scripts/requirements_sync_readme.in
@@ -0,0 +1 @@
+tomlkit
diff --git a/.github/scripts/requirements_sync_readme.txt b/.github/scripts/requirements_sync_readme.txt
new file mode 100644
index 00000000..6b72d408
--- /dev/null
+++ b/.github/scripts/requirements_sync_readme.txt
@@ -0,0 +1,10 @@
+#
+# This file is autogenerated by pip-compile with Python 3.10
+# by the following command:
+#
+# pip-compile --generate-hashes --output-file='.github\scripts\requirements_sync_readme.txt' '.github\scripts\requirements_sync_readme.in'
+#
+tomlkit==0.13.2 \
+ --hash=sha256:7a974427f6e119197f670fbbbeae7bef749a6c14e793db934baefc1b5f03efde \
+ --hash=sha256:fff5fe59a87295b278abd31bec92c15d9bc4a06885ab12bcea52c71119392e79
+ # via -r .github\scripts\requirements_sync_readme.in
diff --git a/.github/workflows/sync_files.yml b/.github/workflows/sync_files.yml
index 60047031..d09ec377 100644
--- a/.github/workflows/sync_files.yml
+++ b/.github/workflows/sync_files.yml
@@ -30,7 +30,7 @@ jobs:
 with:
 python-version: "3.12"
 - name: Install dependencies
- run: pip install tomlkit
+ run: pip install --require-hashes -r ./.github/scripts/requirements_sync_readme.txt
 - name: Sync README
 run: python scripts/counter_translation.py
 - name: Set up git config
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index b603099d..5256f897 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -20,7 +20,7 @@ repos:
 - --skip="./.*,*.csv,*.json,*.ambr"
 - --quiet-level=2
 files: \.(properties|html|css|js|py|md)$
- exclude: (.vscode|.devcontainer|src/main/resources|Dockerfile)
+ exclude: (.vscode|.devcontainer|src/main/resources|Dockerfile|.*/pdfjs.*|.*/thirdParty.*|bootstrap.*|.*\.min\..*|.*diff\.js)
 - repo: https://github.com/gitleaks/gitleaks
 rev: v8.22.0
 hooks:
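Review bot: In `.github/workflows/sync_files.yml` the hashed install runs under the job's `python-version: "3.12"`, while the header of `requirements_sync_readme.txt` records that the lock was compiled with Python 3.10. pip-compile resolves for the interpreter it runs on, so the lock should be regenerated with the version the workflow uses (or the two aligned); otherwise a later dependency with a version-conditional requirement would be missing from the hashed set and the `--require-hashes` install would fail. The lock carries two hashes for tomlkit, presumably wheel and sdist; adding `--only-binary :all:` to the command (`run: pip install --require-hashes --only-binary :all: -r ./.github/scripts/requirements_sync_readme.txt`) would keep pip from ever building the sdist, whose build requirements are, as far as I know, not covered by the hash check. The job this step belongs to starts and ends outside the hunk.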
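Review bot: The alternatives added to `exclude` in `.pre-commit-config.yaml` match more than their names suggest, and the change is not mentioned in the commit description, which is about pinned dependencies. pre-commit applies `exclude` as a regex search, so `bootstrap.*` skips every path containing "bootstrap" anywhere, first-party files included, and the leading `.*/` and trailing `.*` on the other entries add nothing. Tying the new entries to a path separator or file suffix would narrow them, for example `/pdfjs|/thirdParty|/bootstrap|\.min\.|diff\.js$` in place of the five added alternatives, with a comment above the line such as `# vendored and minified assets only; first-party files stay checked`. The hook this `exclude` belongs to is defined above the hunk, so which check is being skipped for these files should be confirmed there.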