Improve GitHub Actions by pinning commit hashes

Minimizes risk related to CVE-2025-30066:
https://nvd.nist.gov/vuln/detail/cve-2025-30066

Author: onethumb

.github/workflows/integration.yml

@@ -6,15 +6,14 @@ jobs:
     strategy:
       matrix:
         php-version:
-          - "8.0"
           - "8.1"
           - "8.2"
           - "8.3"
           - "8.4"
     runs-on: ubuntu-latest
     steps:
       - name: "Checkout"
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: "Build extension"
         run: "docker build -t simdjsontest -f docker_php${{ matrix.php-version }}-alpine ."
@@ -26,7 +25,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: "Checkout"
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: "Build PHP and extension in development mode"
         run: "docker build -t simdjsontest -f docker_php8.4-dev ."
@@ -48,10 +47,10 @@ jobs:
     continue-on-error: ${{ matrix.experimental }}
     steps:
       - name: "Checkout"
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: "Install PHP"
-        uses: shivammathur/setup-php@v2
+        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 # v2.32.0
         with:
           php-version: "${{ matrix.php-version }}"
           extensions: json
@@ -94,10 +93,10 @@ jobs:
         php: ['8.0', '8.1', '8.2', '8.3', '8.4']
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Install PHP ${{ matrix.php }}
-        uses: shivammathur/setup-php@v2
+        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 # v2.32.0
         with:
           php-version: ${{ matrix.php }}
           extensions: json