Skip to content

chore(deps): bump actions/upload-artifact from 4.1.0 to 4.2.0 #420

chore(deps): bump actions/upload-artifact from 4.1.0 to 4.2.0

chore(deps): bump actions/upload-artifact from 4.1.0 to 4.2.0 #420

name: Lockdown untrusted workflows
on:
push:
paths:
- ".github/workflows/**"
pull_request:
paths:
- ".github/workflows/**"
permissions:
contents: read
jobs:
enforce_pinned_workflows:
name: Harden Security
runs-on: ubuntu-latest
permissions:
actions: read
steps:
- name: Checkout code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Ensure 3rd party workflows have SHA pinned
uses: zgosalvez/github-actions-ensure-sha-pinned-actions@ba37328d4ea95eaf8b3bd6c6cef308f709a5f2ec # v3.0.3