diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index e9fd28307cd..c90ad19e694 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -31,7 +31,7 @@ jobs: # additionally enabling all checks defined in this project and any Error # Prone checks available only from other artifact repositories. - name: Check out code - uses: actions/checkout@v3.1.0 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: persist-credentials: false - name: Set up JDK diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 9456ab1700d..836058e38b7 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Check out code - uses: actions/checkout@v3.1.0 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: persist-credentials: false - name: Set up JDK diff --git a/.github/workflows/deploy-website.yaml b/.github/workflows/deploy-website.yaml index a17d1a0bdd2..3acca90eae4 100644 --- a/.github/workflows/deploy-website.yaml +++ b/.github/workflows/deploy-website.yaml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Check out code - uses: actions/checkout@v3.1.0 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: persist-credentials: false - uses: ruby/setup-ruby@v1.126.0 diff --git a/.github/workflows/openssf-scorecard.yml b/.github/workflows/openssf-scorecard.yml index 202e8c170dd..1961745a028 100644 --- a/.github/workflows/openssf-scorecard.yml +++ b/.github/workflows/openssf-scorecard.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Check out code - uses: actions/checkout@v3.1.0 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: persist-credentials: false - name: Run OpenSSF Scorecard analysis diff --git a/.github/workflows/pitest-analyze-pr.yml b/.github/workflows/pitest-analyze-pr.yml index 5a14fa2ae95..ead5ec8fc08 100644 --- a/.github/workflows/pitest-analyze-pr.yml +++ b/.github/workflows/pitest-analyze-pr.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Check out code - uses: actions/checkout@v3.1.0 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: fetch-depth: 2 persist-credentials: false diff --git a/.github/workflows/pitest-update-pr.yml b/.github/workflows/pitest-update-pr.yml index cbaae60813d..9f09bdaa8f0 100644 --- a/.github/workflows/pitest-update-pr.yml +++ b/.github/workflows/pitest-update-pr.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Check out code - uses: actions/checkout@v3.1.0 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: persist-credentials: false - name: Set up JDK diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml index 5df6b84646c..2ee0307f47f 100644 --- a/.github/workflows/sonarcloud.yml +++ b/.github/workflows/sonarcloud.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Check out code - uses: actions/checkout@v3.1.0 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: fetch-depth: 0 persist-credentials: false