From: Evgeny Vereshchagin <evvers@ya.ru>
Date: Sat, 13 Nov 2021 21:22:09 +0000 (+0000)
Subject: ci: pin the codeql action to SHAs
X-Git-Tag: v250-rc1~266
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e44a47d186a176ac6ca4644b75f7fd9dbfd306b7;p=thirdparty%2Fsystemd.git

ci: pin the codeql action to SHAs

It's a follow-up to https://github.com/systemd/systemd/pull/21316.

Judging by https://github.com/evverx/systemd/pull/36, Dependabot
supports their release cycle
---

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index ffba2d7e650..4918f0cd622 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -29,14 +29,14 @@ jobs:
       uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
 
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
+      uses: github/codeql-action/init@5581e08a65fc3811c3ac78939dd59e7a8adbf003
       with:
         languages: ${{ matrix.language }}
 
     - run: sudo -E .github/workflows/unit_tests.sh SETUP
 
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
+      uses: github/codeql-action/autobuild@5581e08a65fc3811c3ac78939dd59e7a8adbf003
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      uses: github/codeql-action/analyze@5581e08a65fc3811c3ac78939dd59e7a8adbf003