From cf8b4e05cd91718cbc110da5f357aa965d5566a5 Mon Sep 17 00:00:00 2001
From: Alexander Lanin <Alexander.Lanin@etas.com>
Date: Wed, 11 Mar 2026 19:32:38 +0100
Subject: [PATCH] chore(ci): pin cicd-workflows reusable workflows to commit
 SHA

---
 .github/workflows/build_qnx8.yml    | 2 +-
 .github/workflows/bzlmod-lock.yml   | 2 +-
 .github/workflows/copyright.yml     | 2 +-
 .github/workflows/docs-cleanup.yml  | 2 +-
 .github/workflows/docs.yml          | 2 +-
 .github/workflows/format.yml        | 2 +-
 .github/workflows/license_check.yml | 2 +-
 .github/workflows/lint_clippy.yml   | 2 +-
 .github/workflows/rust_coverage.yml | 2 +-
 9 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/build_qnx8.yml b/.github/workflows/build_qnx8.yml
index f11fdf1a..eecc4c27 100644
--- a/.github/workflows/build_qnx8.yml
+++ b/.github/workflows/build_qnx8.yml
@@ -19,7 +19,7 @@ on:
     types: [checks_requested]
 jobs:
   qnx-build:
-    uses: eclipse-score/cicd-workflows/.github/workflows/qnx-build.yml@main
+    uses: eclipse-score/cicd-workflows/.github/workflows/qnx-build.yml@c1c90b1a82a1fab0fc202979dde6686b2162d5a8 # v0.0.0
     permissions:
       contents: read
       pull-requests: read
diff --git a/.github/workflows/bzlmod-lock.yml b/.github/workflows/bzlmod-lock.yml
index eebb3df6..6df2a121 100644
--- a/.github/workflows/bzlmod-lock.yml
+++ b/.github/workflows/bzlmod-lock.yml
@@ -21,6 +21,6 @@ on:
       - main
 jobs:
   bzlmod-lock:
-    uses: eclipse-score/cicd-workflows/.github/workflows/bzlmod-lock-check.yml@main
+    uses: eclipse-score/cicd-workflows/.github/workflows/bzlmod-lock-check.yml@c1c90b1a82a1fab0fc202979dde6686b2162d5a8 # v0.0.0
     with:
       working-directory: .
diff --git a/.github/workflows/copyright.yml b/.github/workflows/copyright.yml
index aee334df..27d2e113 100644
--- a/.github/workflows/copyright.yml
+++ b/.github/workflows/copyright.yml
@@ -22,6 +22,6 @@ env:
 
 jobs:
   copyright-check:
-    uses: eclipse-score/cicd-workflows/.github/workflows/copyright.yml@main
+    uses: eclipse-score/cicd-workflows/.github/workflows/copyright.yml@c1c90b1a82a1fab0fc202979dde6686b2162d5a8 # v0.0.0
     with:
       bazel-target: "run --lockfile_mode=error //:copyright.check"
diff --git a/.github/workflows/docs-cleanup.yml b/.github/workflows/docs-cleanup.yml
index 56626f0f..0ccd7592 100644
--- a/.github/workflows/docs-cleanup.yml
+++ b/.github/workflows/docs-cleanup.yml
@@ -24,6 +24,6 @@ on:
 
 jobs:
   docs-cleanup:
-    uses: eclipse-score/cicd-workflows/.github/workflows/docs-cleanup.yml@main
+    uses: eclipse-score/cicd-workflows/.github/workflows/docs-cleanup.yml@c1c90b1a82a1fab0fc202979dde6686b2162d5a8 # v0.0.0
     secrets:
       token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml
index d8c477c7..11a473bc 100644
--- a/.github/workflows/docs.yml
+++ b/.github/workflows/docs.yml
@@ -32,7 +32,7 @@ on:
 
 jobs:
   build-docs:
-    uses: eclipse-score/cicd-workflows/.github/workflows/docs.yml@main
+    uses: eclipse-score/cicd-workflows/.github/workflows/docs.yml@c1c90b1a82a1fab0fc202979dde6686b2162d5a8 # v0.0.0
     permissions:
       contents: write
       pages: write
diff --git a/.github/workflows/format.yml b/.github/workflows/format.yml
index 35cbc74e..a42d721f 100644
--- a/.github/workflows/format.yml
+++ b/.github/workflows/format.yml
@@ -22,6 +22,6 @@ env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 jobs:
   formatting-check:
-    uses: eclipse-score/cicd-workflows/.github/workflows/format.yml@main
+    uses: eclipse-score/cicd-workflows/.github/workflows/format.yml@c1c90b1a82a1fab0fc202979dde6686b2162d5a8 # v0.0.0
     with:
       bazel-target: "test --lockfile_mode=error //:format.check" # optional, this is the default
diff --git a/.github/workflows/license_check.yml b/.github/workflows/license_check.yml
index c2fc1b90..0db1e1af 100644
--- a/.github/workflows/license_check.yml
+++ b/.github/workflows/license_check.yml
@@ -26,7 +26,7 @@ permissions:
 jobs:
   license-check:
     if: ${{ github.repository == 'eclipse-score/baselibs_rust' }}
-    uses: eclipse-score/cicd-workflows/.github/workflows/license-check.yml@main
+    uses: eclipse-score/cicd-workflows/.github/workflows/license-check.yml@c1c90b1a82a1fab0fc202979dde6686b2162d5a8 # v0.0.0
     with:
       repo-url: "${{ github.server_url }}/${{ github.repository }}"
       bazel-target: "run --lockfile_mode=error //:license-check"
diff --git a/.github/workflows/lint_clippy.yml b/.github/workflows/lint_clippy.yml
index ebd84b83..578e94ba 100644
--- a/.github/workflows/lint_clippy.yml
+++ b/.github/workflows/lint_clippy.yml
@@ -24,7 +24,7 @@ on:
 
 jobs:
   lint-clippy:
-    uses: eclipse-score/cicd-workflows/.github/workflows/static-analysis.yml@main
+    uses: eclipse-score/cicd-workflows/.github/workflows/static-analysis.yml@c1c90b1a82a1fab0fc202979dde6686b2162d5a8 # v0.0.0
     with:
       bazel-targets: "//src/..."
       bazel-config: "lint"
diff --git a/.github/workflows/rust_coverage.yml b/.github/workflows/rust_coverage.yml
index 49846f10..99fcbe86 100644
--- a/.github/workflows/rust_coverage.yml
+++ b/.github/workflows/rust_coverage.yml
@@ -18,7 +18,7 @@ on:
 
 jobs:
   rust_coverage:
-    uses: eclipse-score/cicd-workflows/.github/workflows/rust-coverage.yml@main
+    uses: eclipse-score/cicd-workflows/.github/workflows/rust-coverage.yml@c1c90b1a82a1fab0fc202979dde6686b2162d5a8 # v0.0.0
     with:
       bazel-test-targets: "//src/..."
       bazel-test-config-flags: "--config=ferrocene-coverage"