chore(deps): pin dependencies

axeII · Oct 13, 2023 · 6df01e3 · 6df01e3
1 parent 36f008b
commit 6df01e3
Show file tree

Hide file tree

Showing 5 changed files with 9 additions and 9 deletions.
diff --git a/.github/workflows/invalid-template.yaml b/.github/workflows/invalid-template.yaml
@@ -12,7 +12,7 @@ jobs:
   support:
     runs-on: ubuntu-22.04
     steps:
-      - uses: dessant/support-requests@v3
+      - uses: dessant/support-requests@b1303caf4438e66dea1130aa4c30189dc28e690d # v3
         with:
           github-token: ${{ github.token }}
           support-label: "template-incomplete"

diff --git a/.github/workflows/megalinter.yaml b/.github/workflows/megalinter.yaml
@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
         with:
           fetch-depth: 0
       - name: MegaLinter
@@ -37,7 +37,7 @@ jobs:
           SHELLCHECK_OPTS: "-e SC2086"
       - name: Archive production artifacts
         if: ${{ success() }} || ${{ failure() }}
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3
         with:
           name: MegaLinter reports
           path: |

diff --git a/.github/workflows/pluto.yml b/.github/workflows/pluto.yml
@@ -9,7 +9,7 @@ jobs:
   yaml:
     runs-on: ubuntu-22.04
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
       - name: Download Pluto
         uses: FairwindsOps/pluto/github-action@master
 

diff --git a/.github/workflows/scan-containers.yaml b/.github/workflows/scan-containers.yaml
@@ -14,7 +14,7 @@ jobs:
     name: Detect File Changes
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
       - uses: dorny/paths-filter@v2
         id: filter
         with:
@@ -36,7 +36,7 @@ jobs:
         file: ${{ fromJSON(needs.detect-file-changes.outputs.yaml_files) }}
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
       - name: Install Jo
         run: |
           sudo apt-get install jo
@@ -57,7 +57,7 @@ jobs:
       fail-fast: false
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
       - name: Scan Container
         uses: aquasecurity/trivy-action@fbd16365eb88e12433951383f5e99bd901fc618f # 0.12.0
         with:
@@ -67,6 +67,6 @@ jobs:
           format: sarif
           output: trivy-results.sarif
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v2
+        uses: github/codeql-action/upload-sarif@0116bc2df50751f9724a2e35ef1f24d22f90e4e1 # v2
         with:
           sarif_file: trivy-results.sarif
diff --git a/.github/workflows/support.yaml b/.github/workflows/support.yaml
@@ -12,7 +12,7 @@ jobs:
   support:
     runs-on: ubuntu-22.04
     steps:
-      - uses: dessant/support-requests@v3
+      - uses: dessant/support-requests@b1303caf4438e66dea1130aa4c30189dc28e690d # v3
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           support-label: "support"