Skip to content

Commit f7a0a1e

Browse files
ismisepaulismisepaul
authored
pinning github actions
1 parent db91a68 commit f7a0a1e

File tree

3 files changed

+11
-11
lines changed

3 files changed

+11
-11
lines changed

.github/workflows/go.yml

+4-4
Original file line numberDiff line numberDiff line change
@@ -96,7 +96,7 @@ jobs:
9696
uses: actions/checkout@v4
9797
-
9898
name: Lint code
99-
uses: golangci/golangci-lint-action@v6
99+
uses: golangci/golangci-lint-action@4696ba8babb6127d732c3c6dde519db15edab9ea # v6.5.1
100100
with:
101101
version: latest
102102
args: --timeout=10m
@@ -127,7 +127,7 @@ jobs:
127127
run: go mod download
128128
-
129129
name: Setup gotestsum
130-
uses: autero1/action-gotestsum@v2.0.0
130+
uses: autero1/action-gotestsum@7263b9d73912eec65f46337689e59fac865c425f # v2.0.0
131131
with:
132132
gotestsum_version: 1.12.0
133133
-
@@ -160,7 +160,7 @@ jobs:
160160
run: go mod download
161161
-
162162
name: Setup gotestsum
163-
uses: autero1/action-gotestsum@v2.0.0
163+
uses: autero1/action-gotestsum@7263b9d73912eec65f46337689e59fac865c425f # v2.0.0
164164
with:
165165
gotestsum_version: 1.12.0
166166
-
@@ -193,7 +193,7 @@ jobs:
193193
run: go mod download
194194
-
195195
name: Setup gotestsum
196-
uses: autero1/action-gotestsum@v2.0.0
196+
uses: autero1/action-gotestsum@7263b9d73912eec65f46337689e59fac865c425f # v2.0.0
197197
with:
198198
gotestsum_version: 1.12.0
199199
-

.github/workflows/releaser.yml

+4-4
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,7 @@ jobs:
3939
${{ runner.os }}-go-
4040
-
4141
name: Download cyclonedx-gomod
42-
uses: Zenithar/gh-gomod-generate-sbom@v1.0.1
42+
uses: Zenithar/gh-gomod-generate-sbom@cd97098f01c993f4aa90ccb8aaf6d795d6194898 # v1.0.1
4343
with:
4444
version: v1.2.0
4545
env:
@@ -49,7 +49,7 @@ jobs:
4949
uses: sigstore/cosign-installer@v3.8.1
5050
-
5151
name: Import Code-Signing Certificates
52-
uses: Apple-Actions/import-codesign-certs@v3
52+
uses: Apple-Actions/import-codesign-certs@63fff01cd422d4b7b855d40ca1e9d34d2de9427d # v3
5353
with:
5454
p12-file-base64: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_P12_BASE64 }}
5555
p12-password: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_PASSWORD }}
@@ -61,7 +61,7 @@ jobs:
6161
brew install coreutils
6262
-
6363
name: Run GoReleaser
64-
uses: goreleaser/goreleaser-action@v6
64+
uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 # v6.0.0
6565
with:
6666
version: latest
6767
args: release --rm-dist --skip-publish
@@ -183,7 +183,7 @@ jobs:
183183
done
184184
-
185185
name: Upload to release
186-
uses: AButler/upload-release-assets@v2.0
186+
uses: AButler/upload-release-assets@ec6d3263266dc57eb6645b5f75e827987f7c217d # v2.0
187187
with:
188188
files: '.dist/*'
189189
repo-token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/security.yml

+3-3
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,7 @@ jobs:
3030
run: go list -json -m all > go.list
3131
-
3232
name: Nancy
33-
uses: sonatype-nexus-community/nancy-github-action@v1.0.3
33+
uses: sonatype-nexus-community/nancy-github-action@aae196481b961d446f4bff9012e4e3b63d7921a4 # v1.0.2
3434

3535
trivy:
3636
name: Trivy scanner
@@ -46,7 +46,7 @@ jobs:
4646
uses: actions/checkout@v4
4747
-
4848
name: Run Trivy vulnerability scanner in repo mode
49-
uses: aquasecurity/trivy-action@master
49+
uses: aquasecurity/trivy-action@6c175e9c4083a92bbca2f9724c8a5e33bc2d97a5 # v0.30.0
5050
with:
5151
scan-type: 'fs'
5252
ignore-unfixed: true
@@ -101,7 +101,7 @@ jobs:
101101
-
102102
uses: actions/checkout@v4
103103
-
104-
uses: returntocorp/semgrep-action@v1
104+
uses: returntocorp/semgrep-action@713efdd345f3035192eaa63f56867b88e63e4e5d # v1
105105
with:
106106
generateSarif: "1"
107107
config: >-

0 commit comments

Comments
 (0)