From 9010ff125ff77b058925898889e0791ba8630c96 Mon Sep 17 00:00:00 2001 From: harshitasao Date: Sun, 18 Aug 2024 08:43:17 +0530 Subject: [PATCH] fix: fixed the pinned dependencies issue Signed-off-by: harshitasao --- .github/workflows/scorecards.yml | 6 +++--- .github/workflows/stale-actions.yml | 2 +- .github/workflows/test-ruby-head.yml | 4 ++-- .github/workflows/test.yml | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index e521169db8..6952e7af55 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -28,7 +28,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: persist-credentials: false @@ -55,7 +55,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: SARIF file path: results.sarif @@ -64,6 +64,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@429e1977040da7a23b6822b13c129cd1ba93dbb2 # v3.26.2 with: sarif_file: results.sarif diff --git a/.github/workflows/stale-actions.yml b/.github/workflows/stale-actions.yml index 0c6937f6ef..89815e6712 100644 --- a/.github/workflows/stale-actions.yml +++ b/.github/workflows/stale-actions.yml @@ -12,7 +12,7 @@ jobs: issues: write pull-requests: write steps: - - uses: actions/stale@v9 + - uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e # v9.0.0 with: repo-token: ${{ secrets.GITHUB_TOKEN }} days-before-stale: 30 diff --git a/.github/workflows/test-ruby-head.yml b/.github/workflows/test-ruby-head.yml index b3b632038e..978183b534 100644 --- a/.github/workflows/test-ruby-head.yml +++ b/.github/workflows/test-ruby-head.yml @@ -19,9 +19,9 @@ jobs: name: Ruby ${{ matrix.ruby-version }} on ${{ matrix.os }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up Ruby - uses: ruby/setup-ruby@v1 + uses: ruby/setup-ruby@a6e6f86333f0a2523ece813039b8b4be04560854 # v1.190.0 with: ruby-version: ${{ matrix.ruby-version }} - name: Install addons diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 7ad8d3d7ad..bd046a76c2 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -20,9 +20,9 @@ jobs: name: Ruby ${{ matrix.ruby-version }} on ${{ matrix.os }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up Ruby - uses: ruby/setup-ruby@v1 + uses: ruby/setup-ruby@a6e6f86333f0a2523ece813039b8b4be04560854 # v1.190.0 with: ruby-version: ${{ matrix.ruby-version }} - name: Install addons