diff --git a/.github/workflows/automatePR.yml b/.github/workflows/automatePR.yml index bcc1634a9..7d460fd6d 100644 --- a/.github/workflows/automatePR.yml +++ b/.github/workflows/automatePR.yml @@ -16,7 +16,7 @@ jobs: actions: write steps: - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab with: repository: step-security/secure-repo diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 25a92ea46..4e6197316 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -46,7 +46,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout repository - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/int.yml b/.github/workflows/int.yml index 5fc4494f0..9e6807e7c 100644 --- a/.github/workflows/int.yml +++ b/.github/workflows/int.yml @@ -19,7 +19,7 @@ jobs: with: egress-policy: audit - name: Checkout - uses: actions/checkout@629c2de402a417ea7690ca6ce3f33229e27606a5 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab with: fetch-depth: 0 - name: Set up Go diff --git a/.github/workflows/kb-test.yml b/.github/workflows/kb-test.yml index c129faa68..dc3e7c6ef 100644 --- a/.github/workflows/kb-test.yml +++ b/.github/workflows/kb-test.yml @@ -25,7 +25,7 @@ jobs: objects.githubusercontent.com:443 golang.org:443 - name: Checkout - uses: actions/checkout@629c2de402a417ea7690ca6ce3f33229e27606a5 # v2 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2 with: ref: ${{ github.event.pull_request.head.sha }} - name: Set up Go diff --git a/.github/workflows/kbanalysis.yml b/.github/workflows/kbanalysis.yml index d13f88de2..3e86ae117 100644 --- a/.github/workflows/kbanalysis.yml +++ b/.github/workflows/kbanalysis.yml @@ -26,7 +26,7 @@ jobs: with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - uses: actions/checkout@d0651293c4a5a52e711f25b41b05b2212f385d28 + - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab with: repository: step-security/secure-repo diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2ec3f2b4a..d2450ff94 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -21,7 +21,7 @@ jobs: with: egress-policy: audit - name: Checkout - uses: actions/checkout@629c2de402a417ea7690ca6ce3f33229e27606a5 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab with: fetch-depth: 0 - name: Set up Go diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index d5a7379b3..f6273d762 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -32,7 +32,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.1.0 with: persist-credentials: false diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 869959f5a..52d2c4fe7 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -30,7 +30,7 @@ jobs: objects.githubusercontent.com:443 golang.org:443 - name: Checkout - uses: actions/checkout@629c2de402a417ea7690ca6ce3f33229e27606a5 # v2 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2 with: ref: ${{ github.event.pull_request.head.sha }} - name: Set up Go