[StepSecurity] ci: Harden GitHub Actions (#1426)

Co-authored-by: nils måsén <nils@piksel.se>
2025-12-14 06:06:38 +01:00 · 2022-10-16 05:13:42 -07:00 · 2022-10-16 05:13:42 -07:00 · 9a2f9c48c7
commit 9a2f9c48c7
parent 0a0998f83c
3 changed files with 8 additions and 8 deletions
--- a/.github/workflows/release-dev.yaml
+++ b/.github/workflows/release-dev.yaml
@ -39,7 +39,7 @@ jobs:
    steps:
      - uses: actions/checkout@v3
      - name: Publish to Docker Hub
-        uses: jerray/publish-docker-action@master
+        uses: jerray/publish-docker-action@87d84711629b0dc9f6bb127b568413cc92a2088e #master@2022-10-14
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_PASSWORD }}
@ -47,7 +47,7 @@ jobs:
          repository: containrrr/watchtower
          tags: latest-dev
      - name: Publish to GHCR
-        uses: jerray/publish-docker-action@master
+        uses: jerray/publish-docker-action@87d84711629b0dc9f6bb127b568413cc92a2088e #master@2022-10-14
        with:
          username: ${{ secrets.BOT_USERNAME }}
          password: ${{ secrets.BOT_GHCR_PAT }}