Posted to commits@commons.apache.org by gg...@apache.org on 2023/06/24 18:32:55 UTC

[commons-build-plugin] branch master updated: [StepSecurity] ci: Harden GitHub Actions (#162)

This is an automated email from the ASF dual-hosted git repository.

ggregory pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-build-plugin.git


The following commit(s) were added to refs/heads/master by this push:
     new c17907a  [StepSecurity] ci: Harden GitHub Actions (#162)
c17907a is described below

commit c17907af71ac9d25cb0ab5c0ea0901003b14fcab
Author: StepSecurity Bot <bo...@stepsecurity.io>
AuthorDate: Sat Jun 24 11:32:51 2023 -0700

    [StepSecurity] ci: Harden GitHub Actions (#162)
    
    Signed-off-by: StepSecurity Bot <bo...@stepsecurity.io>
---
 .github/workflows/coverage.yml | 6 +++---
 .github/workflows/maven.yml    | 4 ++--
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml
index cb4a7a0..502cb4b 100644
--- a/.github/workflows/coverage.yml
+++ b/.github/workflows/coverage.yml
@@ -32,14 +32,14 @@ jobs:
     - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9
       with:
         persist-credentials: false
-    - uses: actions/cache@v3.3.1
+    - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
       with:
         path: ~/.m2/repository
         key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
         restore-keys: |
           ${{ runner.os }}-maven-
     - name: Set up JDK ${{ matrix.java }}
-      uses: actions/setup-java@v3.11.0
+      uses: actions/setup-java@5ffc13f4174014e2d4d4572b3d74c3fa61aeb2c2 # v3.11.0
       with:
         distribution: 'temurin'
         java-version: ${{ matrix.java }}
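Review bot: The two new pins carry trailing `# v3.3.1` and `# v3.11.0` comments, but the `actions/checkout@c85c95e3…` context line at the top of this hunk is pinned without one, so a reader cannot tell which release it corresponds to; a comment of the same form (`# vX.Y.Z`, placeholder) would keep the steps consistent. Those comments are the only link between each SHA and a release, and nothing in this diff shows how the pins will be refreshed. If the repository has no `package-ecosystem: "github-actions"` entry in its Dependabot configuration, these steps will stay on the pinned commits and miss later fixes. The SHA-to-tag mapping cannot be checked from the diff itself and is worth confirming against the upstream tags. The same points apply to the identical hunk in `.github/workflows/maven.yml`; the steps list begins above both hunks.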
@@ -47,6 +47,6 @@ jobs:
       run: mvn -V test jacoco:report --file pom.xml --no-transfer-progress
 
     - name: Upload coverage to Codecov
-      uses: codecov/codecov-action@v3
+      uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4
       with:
         files: ./target/site/jacoco/jacoco.xml
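Review bot: Replacing the floating `codecov/codecov-action@v3` tag with a commit labelled `# v3.1.4` means this step no longer picks up v3 patch releases on its own, so the pin needs an automated update path or it will go stale. This is the only action outside the `actions/` organisation visible in this file's hunks. It is therefore worth confirming that the job's `permissions:` are limited to what the upload needs (for example `contents: read`). That block, if present, is outside this hunk and cannot be checked here.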
diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index 9b544fb..2823ff1 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -37,14 +37,14 @@ jobs:
     - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9
       with:
         persist-credentials: false
-    - uses: actions/cache@v3.3.1
+    - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
       with:
         path: ~/.m2/repository
         key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
         restore-keys: |
           ${{ runner.os }}-maven-
     - name: Set up JDK ${{ matrix.java }}
-      uses: actions/setup-java@v3.11.0
+      uses: actions/setup-java@5ffc13f4174014e2d4d4572b3d74c3fa61aeb2c2 # v3.11.0
       with:
         distribution: 'temurin'
         java-version: ${{ matrix.java }}