chore(deps): pin dependencies

DelineaXPM · Aug 19, 2024 · 1dbaf2d · 1dbaf2d
1 parent ce6aa39
commit 1dbaf2d
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 6 deletions.
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
@@ -23,7 +23,7 @@ jobs:
       contents: read # For repo checkout
     steps:
       - name: checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
       - name: set-aqua-policy-if-file-exists
         run: |
           if [[ -f aqua-policy.yaml ]]; then
@@ -56,7 +56,7 @@ jobs:
       GH_TOKEN: ${{ github.token }}
       GITHUB_REF_BRANCH: ${{ github.ref }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
         with:
           fetch-depth: 0
           ref: ${{ env.GITHUB_REF_BRANCH }}

diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml
@@ -53,7 +53,7 @@ jobs:
       # This should be informational, and not block as it's experimental and no exclusion logic at this time that I've found.
       # https://go.dev/security/vuln/#feedback
       - name: govuln-scan
-        uses: elgohr/go-vulncheck-action@e73217f293105d5418d631c4d308eb0c27943f1d # renovate tag=v1
+        uses: elgohr/go-vulncheck-action@2325facbb97c96a945c48e644308c756e1af2cba # renovate tag=v1
         continue-on-error: true
       # - name: mage-vulcheck
       #   run: |
@@ -76,7 +76,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@e113c555ef0956479345cfc3ed530c938d670db0 # v2
+        uses: github/codeql-action/init@d65d0c9607eef71d396c103df6032f9561fcb3c6 # v2
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -89,7 +89,7 @@ jobs:
       # Autobuild attempts to build any compiled languages  (C/C++, C#, Go, or Java).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@e113c555ef0956479345cfc3ed530c938d670db0 # v2
+        uses: github/codeql-action/autobuild@d65d0c9607eef71d396c103df6032f9561fcb3c6 # v2
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -101,6 +101,6 @@ jobs:
       #   ./location_of_script_within_repo/buildscript.sh
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@e113c555ef0956479345cfc3ed530c938d670db0 # v2
+        uses: github/codeql-action/analyze@d65d0c9607eef71d396c103df6032f9561fcb3c6 # v2
         with:
           category: '/language:${{matrix.language}}'