diff --git a/.github/workflows/reusable-playwright-tests.yml b/.github/workflows/reusable-playwright-tests.yml index f10d7d5..41cd338 100644 --- a/.github/workflows/reusable-playwright-tests.yml +++ b/.github/workflows/reusable-playwright-tests.yml @@ -43,7 +43,7 @@ jobs: - name: Fetch webapp if: inputs.webapp-artifact - uses: actions/download-artifact@v4 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6 with: name: ${{ inputs.webapp-artifact }} path: webapp @@ -60,7 +60,7 @@ jobs: - name: Upload blob report to GitHub Actions Artifacts if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: name: playwright-html-report path: playwright-report diff --git a/.github/workflows/sonarqube.yml b/.github/workflows/sonarqube.yml index 9078d3f..5852c91 100644 --- a/.github/workflows/sonarqube.yml +++ b/.github/workflows/sonarqube.yml @@ -38,7 +38,7 @@ jobs: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - name: 📥 Download artifact - uses: actions/download-artifact@v4 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6 with: github-token: ${{ secrets.GITHUB_TOKEN }} run-id: ${{ github.event.workflow_run.id }} diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index a8d8d22..301eda0 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -35,7 +35,7 @@ jobs: run: sed -ie 's/filename="/filename="modules\/restricted-guests\/synapse\//' modules/restricted-guests/synapse/coverage.xml - name: Upload Artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 with: name: coverage path: |