Skip to content

Commit 4dd4fa1

Browse files
step-security-botstep-security-bot
authored
[StepSecurity] ci: Harden GitHub Actions (#35)
Signed-off-by: StepSecurity Bot <[email protected]>
1 parent 22be3dd commit 4dd4fa1

File tree

3 files changed

+9
-9
lines changed

3 files changed

+9
-9
lines changed

.github/workflows/main-build.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -10,19 +10,19 @@ jobs:
1010
name: Build
1111
runs-on: ubuntu-20.04
1212
steps:
13-
- uses: actions/checkout@v4
13+
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
1414
with:
1515
fetch-depth: 0
1616

1717
- id: setup-java-17
1818
name: Setup Java 17
19-
uses: actions/setup-java@v4
19+
uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
2020
with:
2121
distribution: temurin
2222
java-version: 17
2323

2424
- name: Set up gradle
25-
uses: gradle/actions/setup-gradle@v4
25+
uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4.3.0
2626

2727
- name: Build
2828
run: >

.github/workflows/pr-build.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -10,19 +10,19 @@ jobs:
1010
name: Build
1111
runs-on: ubuntu-20.04
1212
steps:
13-
- uses: actions/checkout@v4
13+
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
1414
with:
1515
fetch-depth: 0
1616

1717
- id: setup-java-17
1818
name: Setup Java 17
19-
uses: actions/setup-java@v4
19+
uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
2020
with:
2121
distribution: temurin
2222
java-version: 17
2323

2424
- name: Set up gradle
25-
uses: gradle/actions/setup-gradle@v4
25+
uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4.3.0
2626

2727
- name: Build
2828
run: >

.github/workflows/release-build.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -12,19 +12,19 @@ jobs:
1212
name: Build
1313
runs-on: ubuntu-20.04
1414
steps:
15-
- uses: actions/checkout@v4
15+
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
1616
with:
1717
fetch-depth: 0
1818

1919
- id: setup-java-17
2020
name: Setup Java 17
21-
uses: actions/setup-java@v4
21+
uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
2222
with:
2323
distribution: temurin
2424
java-version: 17
2525

2626
- name: Set up gradle
27-
uses: gradle/actions/setup-gradle@v4
27+
uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4.3.0
2828

2929
- name: Use CLA approved github bot
3030
run: .github/scripts/use-cla-approved-github-bot.sh

0 commit comments

Comments
 (0)