From 7e52effb90282eefb43ca03c1d34ac23652b0bde Mon Sep 17 00:00:00 2001
From: "hashicorp-tsccr[bot]"
 <129506189+hashicorp-tsccr[bot]@users.noreply.github.com>
Date: Fri, 21 Jul 2023 17:48:24 -0700
Subject: [PATCH] SEC-090: Automated trusted workflow pinning (2023-07-22)
 (#11)

Result of tsccr-helper -log-level=info -pin-all-workflows .

Co-authored-by: hashicorp-tsccr[bot] <hashicorp-tsccr[bot]@users.noreply.github.com>
---
 .github/workflows/snyk.yml        | 4 ++--
 .github/workflows/superlinter.yml | 4 ++--
 .github/workflows/typescript.yml  | 4 ++--
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml
index e2d6801..d286169 100644
--- a/.github/workflows/snyk.yml
+++ b/.github/workflows/snyk.yml
@@ -14,13 +14,13 @@ jobs:
 
     steps:
       - name: Checkout Repository
-        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
         with:
           fetch-depth: 1
 
       # see https://github.com/snyk/actions/tree/master/node
       - name: Lint Code with Snyk
-        uses: snyk/actions/node@master # TSCCR: no entry for repository "snyk/actions"
+        uses: snyk/actions/node@87b58602664ec2c1c4fd286e2dcf71f2c5a331d6 # main
         env:
           # see https://github.com/snyk/actions#getting-your-snyk-token
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
diff --git a/.github/workflows/superlinter.yml b/.github/workflows/superlinter.yml
index 596d794..865db30 100644
--- a/.github/workflows/superlinter.yml
+++ b/.github/workflows/superlinter.yml
@@ -10,13 +10,13 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Repository
-        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
         with:
           # Full git history is needed to get a proper list of changed files within `super-linter`
           fetch-depth: 0
 
       - name: Lint Code with Super-Linter
-        uses: github/super-linter@454ba4482ce2cd0c505bc592e83c06e1e37ade61 # v4.10.1
+        uses: github/super-linter@45fc0d88288beee4701c62761281edfee85655d7 # v5.0.0
         env:
           VALIDATE_ALL_CODEBASE: true
           DEFAULT_BRANCH: "main"
diff --git a/.github/workflows/typescript.yml b/.github/workflows/typescript.yml
index f9bfb72..46fd784 100644
--- a/.github/workflows/typescript.yml
+++ b/.github/workflows/typescript.yml
@@ -18,12 +18,12 @@ jobs:
 
     steps:
       - name: Checkout Repository
-        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
         with:
           fetch-depth: 1
 
       - name: Set up Node.js
-        uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
+        uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # v3.7.0
         with:
           node-version: ${{ matrix.node-version }}
           cache: 'npm'