From f7bcf6500b6b41a0f41749184a64fcce347dce6a Mon Sep 17 00:00:00 2001 From: Sebastian Pipping Date: Tue, 18 Apr 2023 01:37:21 +0200 Subject: [PATCH] Pin GitHub Actions to specific commits for security --- .github/workflows/test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index eb3aa58..12e6c3e 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -15,10 +15,10 @@ jobs: name: Run the Test Suite runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v3 + uses: actions/setup-python@d27e3f3d7c64b4bbf8e4abfb9b63b83e846e0435 # v4.5.0 with: python-version: ${{ matrix.python-version }}