You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@commons.apache.org by gg...@apache.org on 2023/06/24 17:54:41 UTC
[commons-csv] branch master updated: [StepSecurity] ci: Harden GitHub Actions
This is an automated email from the ASF dual-hosted git repository.
ggregory pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-csv.git
The following commit(s) were added to refs/heads/master by this push:
new 62f4c6db [StepSecurity] ci: Harden GitHub Actions
new 0a6e08ac Merge pull request #329 from step-security-bot/stepsecurity_remediation_1687629086
62f4c6db is described below
commit 62f4c6db313686ae626f56029a0865a26126c66b
Author: StepSecurity Bot <bo...@stepsecurity.io>
AuthorDate: Sat Jun 24 17:51:28 2023 +0000
[StepSecurity] ci: Harden GitHub Actions
Signed-off-by: StepSecurity Bot <bo...@stepsecurity.io>
---
.github/workflows/maven.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index 5cefdeb3..62cf5a11 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -37,14 +37,14 @@ jobs:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9
with:
persist-credentials: false
- - uses: actions/cache@v3.3.1
+ - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- name: Set up JDK ${{ matrix.java }}
- uses: actions/setup-java@v3.11.0
+ uses: actions/setup-java@5ffc13f4174014e2d4d4572b3d74c3fa61aeb2c2 # v3.11.0
with:
distribution: 'temurin'
java-version: ${{ matrix.java }}