chore(deps): pin dependencies

gipo355 · Dec 10, 2024 · a99d33f · a99d33f
1 parent cf24abd
commit a99d33f
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/.github/workflows/changeset-prod.yml b/.github/workflows/changeset-prod.yml
@@ -66,7 +66,7 @@ jobs:
       # open a PR to merge changes into main
       # when it's merged, trigger the release workflow for the stable channel
       - name: Create Pull Request
-        uses: peter-evans/[email protected]
+        uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0
         with:
           branch: changeset-release/main
           # base: origin/main

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -58,11 +58,11 @@ jobs:
         # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
+      uses: github/codeql-action/init@babb554ede22fd5605947329c4d04d8e7a0b8155 # v3
       with:
         languages: ${{ matrix.language }}
         build-mode: ${{ matrix.build-mode }}
@@ -90,6 +90,6 @@ jobs:
         exit 1
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+      uses: github/codeql-action/analyze@babb554ede22fd5605947329c4d04d8e7a0b8155 # v3
       with:
         category: "/language:${{matrix.language}}"