to let Dependabot keep track of them using SHAs
codeql-actions doesn't point to SHAs because it isn't clear
whether Dependabot supports their release cycle mentioned
at https://github.com/github/codeql-action/issues/307
env: ${{ matrix.env }}
steps:
- name: Repository checkout
- uses: actions/checkout@v1
+ uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
- name: Build check (${{ env.COMPILER }}-${{ env.COMPILER_VERSION }})
run: sudo -E .github/workflows/build_test.sh
dry-run: false
sanitizer: ${{ matrix.sanitizer }}
- name: Upload Crash
- uses: actions/upload-artifact@v1
+ uses: actions/upload-artifact@27121b0bdffd731efa15d66772be8dc71245d074
if: failure() && steps.build.outcome == 'success'
with:
name: ${{ matrix.sanitizer }}-artifacts
fetch-depth: 0
- name: Lint Code Base
- uses: github/super-linter@v3
+ uses: github/super-linter@fd9c4286d3de3fdd9258a395570cae287f13f974
env:
DEFAULT_BRANCH: main
# Excludes: