diff --git a/.github/workflows/codacy-analysis.yml b/.github/workflows/codacy-analysis.yml index 03880e7..60027e4 100644 --- a/.github/workflows/codacy-analysis.yml +++ b/.github/workflows/codacy-analysis.yml @@ -29,7 +29,7 @@ jobs: steps: # Checkout the repository to the GitHub Actions runner - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis - name: Run Codacy Analysis CLI diff --git a/.github/workflows/rebase.yml b/.github/workflows/rebase.yml index 0c601fd..239e453 100644 --- a/.github/workflows/rebase.yml +++ b/.github/workflows/rebase.yml @@ -8,7 +8,7 @@ jobs: if: github.event.issue.pull_request != '' && contains(github.event.comment.body, '/rebase') runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 with: token: ${{ secrets.PAT_TOKEN }} fetch-depth: 0 # otherwise, you will failed to push refs to dest repo diff --git a/.github/workflows/sync-release-version.yml b/.github/workflows/sync-release-version.yml index 5aff5a4..530dca9 100644 --- a/.github/workflows/sync-release-version.yml +++ b/.github/workflows/sync-release-version.yml @@ -8,7 +8,7 @@ jobs: update-version: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 with: fetch-depth: 0 - name: Run release-tagger diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 576f94e..bd7b0ad 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 - name: shellcheck uses: reviewdog/action-shellcheck@v1 @@ -28,7 +28,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 - name: Run test uses: ./ - name: Verify Changed files diff --git a/.github/workflows/update-readme.yml b/.github/workflows/update-readme.yml index 9a4e87a..e8a9e4e 100644 --- a/.github/workflows/update-readme.yml +++ b/.github/workflows/update-readme.yml @@ -9,7 +9,7 @@ jobs: sync-assets: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3.6.0 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 with: fetch-depth: 0