diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 9f3a1d72..f9f23f49 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -38,7 +38,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/deploy-to-production.yml b/.github/workflows/deploy-to-production.yml index a434a89e..433ed5e3 100644 --- a/.github/workflows/deploy-to-production.yml +++ b/.github/workflows/deploy-to-production.yml @@ -12,7 +12,7 @@ jobs: url: https://ads.brave.com steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 - name: Use Node.js uses: actions/setup-node@v3 with: diff --git a/.github/workflows/deploy-to-staging.yml b/.github/workflows/deploy-to-staging.yml index e13913cd..2af967aa 100644 --- a/.github/workflows/deploy-to-staging.yml +++ b/.github/workflows/deploy-to-staging.yml @@ -12,7 +12,7 @@ jobs: url: https://ads.bravesoftware.com steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 - name: Use Node.js uses: actions/setup-node@v3 with: diff --git a/.github/workflows/sanity-check.yml b/.github/workflows/sanity-check.yml index 3ac332f1..c2f69967 100644 --- a/.github/workflows/sanity-check.yml +++ b/.github/workflows/sanity-check.yml @@ -12,7 +12,7 @@ jobs: check: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 - name: Use Node.js uses: actions/setup-node@v3 with: diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index 9afe8a34..008c81b8 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -19,7 +19,7 @@ jobs: steps: # Fetch project source - - uses: actions/checkout@v3 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 - uses: returntocorp/semgrep-action@v1 with: publishToken: ${{ secrets.SEMGREP_APP_TOKEN }}