diff --git a/.github/workflows/build-nix-images.yaml b/.github/workflows/build-nix-images.yaml index 125a0fb..b6a3d23 100644 --- a/.github/workflows/build-nix-images.yaml +++ b/.github/workflows/build-nix-images.yaml @@ -72,7 +72,7 @@ jobs: sudo apt-get clean - name: Checkout code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4 + uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4 with: ref: ${{ inputs.branch }} fetch-depth: 0 diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index c7330b8..991d3fb 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -56,7 +56,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4 + uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4 with: fetch-depth: 0 # fetch all history so multiple commits can be scanned - name: GitGuardian scan @@ -82,7 +82,7 @@ jobs: steps: - name: Checkout for docs check - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4 + uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4 with: sparse-checkout: | docs @@ -179,7 +179,7 @@ jobs: sudo apt-get update sudo apt-get install -yq zstd sudo apt-get clean - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4 + - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4 - name: Install Nix uses: DeterminateSystems/nix-installer-action@786fff0690178f1234e4e1fe9b536e94f5433196 # ratchet:DeterminateSystems/nix-installer-action@main with: diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml index 6f8612e..87ff9fe 100644 --- a/.github/workflows/labeler.yml +++ b/.github/workflows/labeler.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out the repository - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4 + uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4 - name: Run Labeler uses: crazy-max/ghaction-github-labeler@de749cf181958193cb7debf1a9c5bb28922f3e1b # ratchet:crazy-max/ghaction-github-labeler@v5 diff --git a/.github/workflows/package-release.yaml b/.github/workflows/package-release.yaml index f73423c..dc6b03a 100644 --- a/.github/workflows/package-release.yaml +++ b/.github/workflows/package-release.yaml @@ -115,7 +115,7 @@ jobs: released: ${{ steps.semantic-release.outputs.new_release_published || 'false' }} tag: ${{ steps.semantic-release.outputs.new_release_git_tag }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4 + - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4 with: fetch-depth: 0 ref: ${{ inputs.checkout-ref }} diff --git a/.github/workflows/python-test.yaml b/.github/workflows/python-test.yaml index 62f4664..f9e7b69 100644 --- a/.github/workflows/python-test.yaml +++ b/.github/workflows/python-test.yaml @@ -50,7 +50,7 @@ jobs: test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4 + - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4 with: ref: ${{ inputs.checkout_ref != '' && inputs.checkout_ref || github.ref }} diff --git a/.github/workflows/template.yaml b/.github/workflows/template.yaml index c784c46..d11905f 100644 --- a/.github/workflows/template.yaml +++ b/.github/workflows/template.yaml @@ -51,7 +51,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4 + uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4 with: fetch-depth: 0 # fetch all history so multiple commits can be scanned - name: GitGuardian scan