From 1863f475dab95e57b7897428fa16e48add0a77bf Mon Sep 17 00:00:00 2001 From: Joshua Li Date: Mon, 23 Mar 2026 23:54:46 -0700 Subject: [PATCH] chore: pin GitHub Actions to full-length commit SHAs --- .github/workflows/ci.yml | 6 +++--- .github/workflows/release.yml | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b433abd..c02e4a3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 10 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 name: Checkout code - name: Run linter run: | @@ -25,7 +25,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 10 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 name: Checkout code - name: Run tests run: | @@ -36,7 +36,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 10 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 name: Checkout code - name: Run tests run: cargo build --no-default-features --lib --features cadence diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 9171b75..07800b9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -21,12 +21,12 @@ jobs: with: app-id: ${{ vars.SENTRY_RELEASE_BOT_CLIENT_ID }} private-key: ${{ secrets.SENTRY_RELEASE_BOT_PRIVATE_KEY }} - - uses: actions/checkout@v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: token: ${{ steps.token.outputs.token }} fetch-depth: 0 - name: Prepare release - uses: getsentry/action-prepare-release@v1 + uses: getsentry/action-prepare-release@c8e1c2009ab08259029170132c384f03c1064c0e # v1 env: GITHUB_TOKEN: ${{ steps.token.outputs.token }} with: