Pin all external GitHub Actions versions using SHA1

2026-04-16 02:25:22 +03:00 · 2026-04-13 11:12:30 +02:00
parent 6d4fcee733
commit d2364e7eb9
8 changed files with 36 additions and 36 deletions
--- a/.github/workflows/version_update.yml
+++ b/.github/workflows/version_update.yml
@@ -13,7 +13,7 @@ jobs:
      new-version: ${{ steps.latest-version.outputs.sonar-scanner-version }}
    steps:
      - run: sudo apt install -y jq
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          ref: master
          fetch-depth: 0
@@ -49,7 +49,7 @@ jobs:
      pull-requests: write
    if: needs.check-version.outputs.should_update == 'true'
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          ref: master
          persist-credentials: true