From 4d80225bb114c9e2b6a1badbd20bdbe7393e7631 Mon Sep 17 00:00:00 2001 From: James Petersen Date: Fri, 13 Dec 2024 10:14:05 -0700 Subject: [PATCH] chore: pin actions Signed-off-by: James Petersen --- .github/workflows/ci-actions.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci-actions.yaml b/.github/workflows/ci-actions.yaml index e31de0f..71c5923 100644 --- a/.github/workflows/ci-actions.yaml +++ b/.github/workflows/ci-actions.yaml @@ -16,12 +16,12 @@ jobs: actions: read steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: persist-credentials: false - name: Install the latest version of uv - uses: astral-sh/setup-uv@v4 + uses: astral-sh/setup-uv@e4db8464a088ece1b920f60402e813ea4de65b8f # v4 - name: Run zizmor run: uvx zizmor --pedantic --format sarif . > results.sarif @@ -29,7 +29,7 @@ jobs: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Upload SARIF file - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@faa06bd0c3efe9bf73685e4489e70f0f552edc63 # v3 with: sarif_file: results.sarif category: zizmor