From 303c39d7284c31220efd95a77d78e353524aa2c9 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 1 Feb 2024 19:26:25 +0000 Subject: [PATCH] Pin gradle/gradle-build-action action to a8f7551 [SECURITY] --- .github/workflows/ci.yml | 4 ++-- .github/workflows/dependency-graph.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e5b932a..1909a9a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -38,7 +38,7 @@ jobs: jdkFile: ${{ steps.download-java.outputs.jdkFile }} - name: Build & Test - uses: gradle/gradle-build-action@v2 + uses: gradle/gradle-build-action@a8f75513eafdebd8141bd1cd4e30fcd194af8dfa # v2 with: arguments: build --info @@ -51,6 +51,6 @@ jobs: - name: Publish To Sonatype if: github.event_name != 'pull_request' && (startsWith(github.ref, 'refs/tags/v') || github.ref == 'refs/heads/main') - uses: gradle/gradle-build-action@v2 + uses: gradle/gradle-build-action@a8f75513eafdebd8141bd1cd4e30fcd194af8dfa # v2 with: arguments: publishAllPublicationsToMavenCentral \ No newline at end of file diff --git a/.github/workflows/dependency-graph.yml b/.github/workflows/dependency-graph.yml index 6568516..237d4ed 100644 --- a/.github/workflows/dependency-graph.yml +++ b/.github/workflows/dependency-graph.yml @@ -36,12 +36,12 @@ jobs: jdkFile: ${{ steps.download-java.outputs.jdkFile }} - name: Setup Dependency Graph - uses: gradle/gradle-build-action@v2 + uses: gradle/gradle-build-action@a8f75513eafdebd8141bd1cd4e30fcd194af8dfa # v2 with: dependency-graph: generate-and-submit - name: Generate Dependency Graph Snapshot - uses: gradle/gradle-build-action@v2 + uses: gradle/gradle-build-action@a8f75513eafdebd8141bd1cd4e30fcd194af8dfa # v2 env: DEPENDENCY_GRAPH_INCLUDE_CONFIGURATIONS: 'compileClasspath|runtimeClasspath' with: