diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index a604518997..e07cf9ee15 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -40,7 +40,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 with: # We must fetch at least the immediate parents so that if this is # a pull request then we can checkout the head. diff --git a/.github/workflows/docs.yaml b/.github/workflows/docs.yaml index 6986da7648..a7361f931f 100644 --- a/.github/workflows/docs.yaml +++ b/.github/workflows/docs.yaml @@ -16,7 +16,7 @@ jobs: contents: write runs-on: ubuntu-latest steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 with: python-version: 3.x diff --git a/.github/workflows/gh-packages.yaml b/.github/workflows/gh-packages.yaml index 4da0cf3805..afbd594535 100644 --- a/.github/workflows/gh-packages.yaml +++ b/.github/workflows/gh-packages.yaml @@ -23,7 +23,7 @@ jobs: packages: write # to push packages steps: - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - uses: actions/setup-go@bfd2fb341f32be7281829126376a12a780ca79fc with: diff --git a/.github/workflows/master.yaml b/.github/workflows/master.yaml index 7d47290fa7..f1591188f4 100644 --- a/.github/workflows/master.yaml +++ b/.github/workflows/master.yaml @@ -12,7 +12,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - uses: actions/setup-go@bfd2fb341f32be7281829126376a12a780ca79fc with: # https://www.npmjs.com/package/semver#caret-ranges-123-025-004 diff --git a/.github/workflows/openssf-scorecard.yaml b/.github/workflows/openssf-scorecard.yaml index 7d09c5da95..adbf927342 100644 --- a/.github/workflows/openssf-scorecard.yaml +++ b/.github/workflows/openssf-scorecard.yaml @@ -34,7 +34,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v3.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3.1.0 with: persist-credentials: false diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml index 9567ffac7a..3d67d0a38e 100644 --- a/.github/workflows/pr.yaml +++ b/.github/workflows/pr.yaml @@ -10,7 +10,7 @@ jobs: image: returntocorp/semgrep steps: # Retrieve the source code for the repository - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # Fetch the semgrep rules - run: git clone https://github.com/dgryski/semgrep-go.git # Run the rule checker using the fetched rules @@ -19,7 +19,7 @@ jobs: check-race: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - uses: actions/setup-go@bfd2fb341f32be7281829126376a12a780ca79fc with: # https://www.npmjs.com/package/semver#caret-ranges-123-025-004 @@ -31,7 +31,7 @@ jobs: tests: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - uses: actions/setup-go@bfd2fb341f32be7281829126376a12a780ca79fc with: # https://www.npmjs.com/package/semver#caret-ranges-123-025-004