From a16da5d64e4780917b7e4f22623b097c8c5a152a Mon Sep 17 00:00:00 2001 From: Fred Bricon Date: Fri, 17 Feb 2023 10:19:51 +0100 Subject: [PATCH 1/5] Pin 3rd-party actions to SHA1 in .github/workflows/enforce_conventional_commit.yml --- .github/workflows/enforce_conventional_commit.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/enforce_conventional_commit.yml b/.github/workflows/enforce_conventional_commit.yml index 5dede995..c8dbb4f1 100644 --- a/.github/workflows/enforce_conventional_commit.yml +++ b/.github/workflows/enforce_conventional_commit.yml @@ -11,4 +11,4 @@ jobs: - uses: actions/checkout@v2 with: fetch-depth: 0 - - uses: wagoid/commitlint-github-action@v2 + - uses: wagoid/commitlint-github-action@4b1bcb1c72f99fbd6aa6b34cc3fb59200f01f993 #v2 From 50a9dafdb94fe6aca80ba7f76a55eb0606e57803 Mon Sep 17 00:00:00 2001 From: Fred Bricon Date: Fri, 17 Feb 2023 10:19:51 +0100 Subject: [PATCH 2/5] Pin 3rd-party actions to SHA1 in .github/workflows/release.yml --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 72c52c5d..3bdda4d8 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -21,7 +21,7 @@ jobs: id: version-number run: echo "::set-output name=version::$(cat olm/version)" - name: Commit updated version - uses: ad-m/github-push-action@master + uses: ad-m/github-push-action@0fafdd62b84042d49ec0cb92d9cac7f7ce4ec79e #master with: github_token: ${{ secrets.GITHUB_TOKEN }} - name: Login to Quay.io From 8705cf63c0cef82eaaab2d64108de16480a11325 Mon Sep 17 00:00:00 2001 From: Fred Bricon Date: Fri, 17 Feb 2023 10:19:52 +0100 Subject: [PATCH 3/5] Pin 3rd-party actions to SHA1 in .github/workflows/issue-labeler.yml --- .github/workflows/issue-labeler.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/issue-labeler.yml b/.github/workflows/issue-labeler.yml index a9047c7f..d8a6c367 100644 --- a/.github/workflows/issue-labeler.yml +++ b/.github/workflows/issue-labeler.yml @@ -7,7 +7,7 @@ jobs: triage: runs-on: ubuntu-latest steps: - - uses: github/issue-labeler@v2.4 + - uses: github/issue-labeler@829a8bf1b184f74cc575b5435093a92c7b846983 #v2.4 with: repo-token: "${{ secrets.PROJECT_MANAGER_TOKEN }}" configuration-path: .github/labeler.yml From a8fd1887beafb5ca16ab2d6804acf59faa44cd09 Mon Sep 17 00:00:00 2001 From: Fred Bricon Date: Fri, 17 Feb 2023 10:19:53 +0100 Subject: [PATCH 4/5] Pin 3rd-party actions to SHA1 in .github/workflows/changelog.yaml --- .github/workflows/changelog.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/changelog.yaml b/.github/workflows/changelog.yaml index 0eb058e0..4e4b6d12 100644 --- a/.github/workflows/changelog.yaml +++ b/.github/workflows/changelog.yaml @@ -16,13 +16,13 @@ jobs: - name: Install git-chglog - uses: craicoverflow/install-git-chglog@v1 + uses: craicoverflow/install-git-chglog@6d338c1d96dcbf12a2115fbe8e5b9817293aae33 #v1 - name: Generate a CHANGELOG run: git-chglog -o CHANGELOG.md - - uses: stefanzweifel/git-auto-commit-action@v4 + - uses: stefanzweifel/git-auto-commit-action@3ea6ae190baf489ba007f7c92608f33ce20ef04a #v4 with: branch: main file_pattern: CHANGELOG.md From 6caa497629ac1d8cfe6139b515529d61f8c9510a Mon Sep 17 00:00:00 2001 From: Fred Bricon Date: Fri, 17 Feb 2023 10:19:53 +0100 Subject: [PATCH 5/5] Pin 3rd-party actions to SHA1 in .github/workflows/website.yml --- .github/workflows/website.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/website.yml b/.github/workflows/website.yml index 8d50da08..eff7f18e 100644 --- a/.github/workflows/website.yml +++ b/.github/workflows/website.yml @@ -19,7 +19,7 @@ jobs: - uses: actions/checkout@v2 - name: asciidoctor-ghpages - uses: manoelcampos/asciidoctor-ghpages-action@v2 + uses: manoelcampos/asciidoctor-ghpages-action@9527ff583929b1000c23c209123bba4e98a21f08 #v2 with: asciidoctor_params: --attribute=nofooter pdf_build: false