diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 267c3b3e827..85b8a966ccf 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -12,7 +12,7 @@ jobs: pre-commit: runs-on: ubuntu-latest steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: # for gitlint persist-credentials: false ref: ${{ github.event.pull_request.head.sha }} @@ -62,7 +62,7 @@ jobs: - dist: ubuntu14 fail-fast: false steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - uses: googleapis/release-please-action@16a9c90856f42705d54a6fda1823352bdc62cf38 # v4.4.0 diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml index 81af701659c..3ef2deba2e0 100644 --- a/.github/workflows/scorecard.yaml +++ b/.github/workflows/scorecard.yaml @@ -19,7 +19,7 @@ jobs: id-token: write security-events: write steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3 diff --git a/.github/workflows/update-docker-images.yml b/.github/workflows/update-docker-images.yml index 63264fd75b3..450f9f8423c 100644 --- a/.github/workflows/update-docker-images.yml +++ b/.github/workflows/update-docker-images.yml @@ -33,7 +33,7 @@ jobs: permissions: packages: write # Get token that can write to ghcr.io steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0