From: Evgeny Vereshchagin Date: Thu, 11 Nov 2021 05:04:56 +0000 (+0000) Subject: ci: pin some workflows to SHAs X-Git-Tag: v250-rc1~291^2 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F21316%2Fhead;p=thirdparty%2Fsystemd.git ci: pin some workflows to SHAs to let Dependabot keep track of them using SHAs codeql-actions doesn't point to SHAs because it isn't clear whether Dependabot supports their release cycle mentioned at https://github.com/github/codeql-action/issues/307 --- diff --git a/.github/workflows/build_test.yml b/.github/workflows/build_test.yml index ae03f591b3f..5f2959871b2 100644 --- a/.github/workflows/build_test.yml +++ b/.github/workflows/build_test.yml @@ -30,6 +30,6 @@ jobs: env: ${{ matrix.env }} steps: - name: Repository checkout - uses: actions/checkout@v1 + uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 - name: Build check (${{ env.COMPILER }}-${{ env.COMPILER_VERSION }}) run: sudo -E .github/workflows/build_test.sh diff --git a/.github/workflows/cifuzz.yml b/.github/workflows/cifuzz.yml index 730bf9d8e65..2b5dba17570 100644 --- a/.github/workflows/cifuzz.yml +++ b/.github/workflows/cifuzz.yml @@ -44,7 +44,7 @@ jobs: dry-run: false sanitizer: ${{ matrix.sanitizer }} - name: Upload Crash - uses: actions/upload-artifact@v1 + uses: actions/upload-artifact@27121b0bdffd731efa15d66772be8dc71245d074 if: failure() && steps.build.outcome == 'success' with: name: ${{ matrix.sanitizer }}-artifacts diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index 2c3c58ad586..cb12b0a5d1a 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -25,7 +25,7 @@ jobs: fetch-depth: 0 - name: Lint Code Base - uses: github/super-linter@v3 + uses: github/super-linter@fd9c4286d3de3fdd9258a395570cae287f13f974 env: DEFAULT_BRANCH: main # Excludes: