Skip to content

Commit 2de2980

Browse files
committed
Pin CI workflow actions to commit SHAs
1 parent e4719bf commit 2de2980

2 files changed

Lines changed: 10 additions & 10 deletions

File tree

.github/workflows/ci.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -10,8 +10,8 @@ jobs:
1010
build:
1111
runs-on: ubuntu-latest
1212
steps:
13-
- uses: actions/checkout@v4
14-
- uses: actions/setup-dotnet@v4
13+
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
14+
- uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
1515
with:
1616
dotnet-version: '10.0.x'
1717
- run: dotnet restore

.github/workflows/release.yml

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -17,8 +17,8 @@ jobs:
1717
rid: win-x64
1818
runs-on: ${{ matrix.os }}
1919
steps:
20-
- uses: actions/checkout@v4
21-
- uses: actions/setup-dotnet@v4
20+
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
21+
- uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
2222
with:
2323
dotnet-version: '10.0.x'
2424
- name: Set version from tag
@@ -41,12 +41,12 @@ jobs:
4141
-p:PublishAot=true
4242
-o ./publish/git-fetch-all
4343
- name: Upload git-pull-all
44-
uses: actions/upload-artifact@v4
44+
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
4545
with:
4646
name: git-pull-all-${{ matrix.rid }}
4747
path: ./publish/git-pull-all/git-pull-all*
4848
- name: Upload git-fetch-all
49-
uses: actions/upload-artifact@v4
49+
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
5050
with:
5151
name: git-fetch-all-${{ matrix.rid }}
5252
path: ./publish/git-fetch-all/git-fetch-all*
@@ -58,8 +58,8 @@ jobs:
5858
permissions:
5959
contents: write
6060
steps:
61-
- uses: actions/checkout@v4
62-
- uses: actions/setup-dotnet@v4
61+
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
62+
- uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
6363
with:
6464
dotnet-version: '10.0.x'
6565
- name: Set version from tag
@@ -71,7 +71,7 @@ jobs:
7171
- name: Push to NuGet
7272
run: dotnet nuget push ./artifacts/*.nupkg --api-key ${{ secrets.NUGET_API_KEY }} --source https://api.nuget.org/v3/index.json
7373
- name: Download native binaries
74-
uses: actions/download-artifact@v4
74+
uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
7575
with:
7676
path: ./native
7777
- name: Package native binaries
@@ -82,7 +82,7 @@ jobs:
8282
tar -czf "../artifacts/${name}.tar.gz" -C "$dir" .
8383
done
8484
- name: Create GitHub Release
85-
uses: softprops/action-gh-release@v2
85+
uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2.6.1
8686
with:
8787
files: artifacts/*
8888
generate_release_notes: true

0 commit comments

Comments
 (0)