[StepSecurity] ci: Harden GitHub Actions #2741

step-security-bot · 2024-10-16T04:43:07Z

Summary

This pull request is created by StepSecurity at the request of @jandubois. Please merge the Pull Request to incorporate the requested changes. Please tag @jandubois on your message if you have any questions related to the PR.

Security Fixes

Pinned Dependencies

GitHub Action tags and Docker tags are mutable. This poses a security risk. GitHub's Security Hardening guide recommends pinning actions to full length commit.

Feedback

For bug reports, feature requests, and general feedback; please email [email protected]. To create such PRs, please visit https://app.stepsecurity.io/securerepo.

Signed-off-by: StepSecurity Bot [email protected]

Signed-off-by: StepSecurity Bot <[email protected]>

Signed-off-by: Jan Dubois <[email protected]>

jandubois

Not sure why this was missed before

step-security-bot and others added 2 commits October 16, 2024 04:43

[StepSecurity] ci: Harden GitHub Actions

23c8c8d

Signed-off-by: StepSecurity Bot <[email protected]>

Adding 2 spaces before YAML comment

3bfa0c8

Signed-off-by: Jan Dubois <[email protected]>

jandubois approved these changes Oct 16, 2024

View reviewed changes

jandubois merged commit ff89881 into lima-vm:master Oct 16, 2024
26 checks passed

jandubois added this to the v1.0 milestone Oct 16, 2024

jandubois added the area/test Tests and CI label Oct 16, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[StepSecurity] ci: Harden GitHub Actions #2741

[StepSecurity] ci: Harden GitHub Actions #2741

step-security-bot commented Oct 16, 2024

jandubois left a comment

[StepSecurity] ci: Harden GitHub Actions #2741

[StepSecurity] ci: Harden GitHub Actions #2741

Conversation

step-security-bot commented Oct 16, 2024

Summary

Security Fixes

Pinned Dependencies

Feedback

jandubois left a comment

Choose a reason for hiding this comment