diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 2a798e2..9014b37 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -22,7 +22,7 @@ jobs: timeout-minutes: 5 runs-on: ubuntu-latest steps: - - uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3 - uses: actions/setup-python@d27e3f3d7c64b4bbf8e4abfb9b63b83e846e0435 # v4 with: python-version: ${{ env.MIN_PYTHON_VERSION }} @@ -44,7 +44,7 @@ jobs: env: DH_IMAGE_NAME: bridgecrew/whorf steps: - - uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Build Docker image uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 5f787f9..7391afe 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -27,7 +27,7 @@ jobs: version: ${{ steps.version.outputs.version }} major_version: ${{ steps.version.outputs.major_version }} steps: - - uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - uses: actions/setup-python@d27e3f3d7c64b4bbf8e4abfb9b63b83e846e0435 # v4 with: python-version: ${{ env.PYTHON_VERSION }} @@ -73,7 +73,7 @@ jobs: FULL_IMAGE_TAG: ${{ needs.update-checkov.outputs.version }} SHORT_IMAGE_TAG: ${{ needs.update-checkov.outputs.major_version }} steps: - - uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: ref: main - uses: sigstore/cosign-installer@9becc617647dfa20ae7b1151972e9b3a2c338a2b # v2