diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index aa1719327a37..ca2a9b93a462 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -50,7 +50,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97 # v2.3.4 + uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.3.4 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/goreleaser.yaml b/.github/workflows/goreleaser.yaml index 50a9b97dd529..18a00831dcdd 100644 --- a/.github/workflows/goreleaser.yaml +++ b/.github/workflows/goreleaser.yaml @@ -27,7 +27,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97 # v2.3.4 + uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.3.4 with: fetch-depth: 0 - diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml index 6a9f53ee363b..231f7e2d39c3 100644 --- a/.github/workflows/integration.yml +++ b/.github/workflows/integration.yml @@ -55,11 +55,11 @@ jobs: - name: pull_request actions/checkout if: github.event_name == 'pull_request' - uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97 # v2.3.4 + uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.3.4 - name: pull_request actions/checkout if: github.event_name == 'repository_dispatch' - uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97 # v2.3.4 + uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.3.4 with: ref: 'refs/pull/${{ github.event.client_payload.pull_request.number }}/merge' diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 69778cea3fa1..17eeed1fdb31 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -26,7 +26,7 @@ jobs: with: version: 3.17.3 - name: Clone the code - uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97 # v2.3.4 + uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.3.4 with: fetch-depth: 0 - name: Setup Go @@ -45,7 +45,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97 # v2.3.4 + - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.3.4 - uses: actions/setup-go@331ce1d993939866bb63c32c6cbbfd48fa76fc57 # v2.1.3 with: go-version: '1.17' diff --git a/.github/workflows/scorecard-analysis.yml b/.github/workflows/scorecard-analysis.yml index c206d686c931..d04238a9755f 100644 --- a/.github/workflows/scorecard-analysis.yml +++ b/.github/workflows/scorecard-analysis.yml @@ -19,7 +19,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97 + uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 - name: "Run analysis" # This is temporary for dogfooding.