From 3e445ab06645990431f9d1d900e29333d595076d Mon Sep 17 00:00:00 2001 From: Pedro Kaj Kjellerup Nacht Date: Wed, 6 Sep 2023 20:10:44 +0000 Subject: [PATCH] Hash-pin GitHub Actions Signed-off-by: Pedro Kaj Kjellerup Nacht --- .github/workflows/cifuzz.yml | 2 +- .github/workflows/main.yml | 6 +++--- .github/workflows/release.yml | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/cifuzz.yml b/.github/workflows/cifuzz.yml index 1cf8618cb2..fd0e53ff98 100644 --- a/.github/workflows/cifuzz.yml +++ b/.github/workflows/cifuzz.yml @@ -27,7 +27,7 @@ jobs: dry-run: false language: jvm - name: Upload Crash - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 if: failure() && steps.build.outcome == 'success' with: name: artifacts diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index df7f4313f2..e82a09e6b1 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -31,9 +31,9 @@ jobs: env: JAVA_OPTS: "-XX:+TieredCompilation -XX:TieredStopAtLevel=1" steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 - name: Set up JDK - uses: actions/setup-java@v3 + uses: actions/setup-java@cd89f46ac9d01407894225f350157564c9c7cee2 # v3.12.0 with: distribution: 'temurin' java-version: ${{ matrix.java_version }} @@ -64,7 +64,7 @@ jobs: run: ./mvnw -B -q -ff -ntp test - name: Publish code coverage if: github.event_name != 'pull_request' && matrix.java_version == '8' - uses: codecov/codecov-action@v3 + uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4 with: token: ${{ secrets.CODECOV_TOKEN }} file: ./target/site/jacoco/jacoco.xml diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b1d55fd6d1..a2302cf9d1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -28,9 +28,9 @@ jobs: - name: Validate version name run: | [[ "$TAG" =~ jackson-core-[0-9]+\.[0-9]+\.[0-9]+(-rc[0-9]+)? ]] || exit 1 - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 - name: Set up JDK - uses: actions/setup-java@v3 + uses: actions/setup-java@cd89f46ac9d01407894225f350157564c9c7cee2 # v3.12.0 with: distribution: "temurin" java-version: "8"