Merge pull request #46 from nicholas-fedor/45-fix-code-scanning-alert---unpinned-tag-for-a-non-immutable-action-in-workflow

(Issue #45) Fix for code scanning alert - Unpinned tags for a non immutable action in workflow
2025-09-22 05:40:50 +02:00 · 2025-02-02 04:26:45 -07:00 · 2025-02-02 04:26:45 -07:00 · 016efbf88e
commit 016efbf88e
parent 0381e22054 82940f1336
4 changed files with 5 additions and 5 deletions
--- a/.github/workflows/dependabot-approve.yml
+++ b/.github/workflows/dependabot-approve.yml
@ -9,4 +9,4 @@ jobs:
      pull-requests: write
    if: github.actor == 'dependabot[bot]'
    steps:
-      - uses: hmarr/auto-approve-action@v4
+      - uses: hmarr/auto-approve-action@f0939ea97e9205ef24d872e76833fa908a770363
--- a/.github/workflows/pull-request.yml
+++ b/.github/workflows/pull-request.yml
@ -19,7 +19,7 @@ jobs:
        with:
          go-version: stable
      - name: golangci-lint
-        uses: golangci/golangci-lint-action@v6
+        uses: golangci/golangci-lint-action@ec5d18412c0aeab7936cb16880d708ba2a64e1ae
        with:
          version: v1.60
  test:
@ -47,7 +47,7 @@ jobs:
        run: |
          go test -v -coverprofile coverage.out -covermode atomic ./... 
      - name: Publish coverage
-        uses: codecov/codecov-action@v5
+        uses: codecov/codecov-action@13ce06bfc6bbe3ecf90edbbf1bc32fe5978ca1d3
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
  build:
--- a/.github/workflows/release-dev.yaml
+++ b/.github/workflows/release-dev.yaml
@ -30,7 +30,7 @@ jobs:
      - name: Test
        run: go test -v -coverprofile coverage.out -covermode atomic ./...
      - name: Publish coverage
-        uses: codecov/codecov-action@v5
+        uses: codecov/codecov-action@13ce06bfc6bbe3ecf90edbbf1bc32fe5978ca1d3
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
  publish:
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -17,7 +17,7 @@ jobs:
        with:
          go-version: stable
      - name: golangci-lint
-        uses: golangci/golangci-lint-action@v6
+        uses: golangci/golangci-lint-action@ec5d18412c0aeab7936cb16880d708ba2a64e1ae
        with:
          version: v1.60