ci: pin some more action versions (#36343)

* [StepSecurity] ci: Harden GitHub Actions

Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>

* Update electron_woa_testing.yml

Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
Co-authored-by: Jeremy Rose <nornagon@nornagon.net>
This commit is contained in:
Step Security Bot 2022-11-14 18:39:13 -08:00 коммит произвёл GitHub
Родитель 9618a7227e
Коммит f9d1b9aded
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
1 изменённых файлов: 6 добавлений и 6 удалений

10
.github/workflows/electron_woa_testing.yml поставляемый
Просмотреть файл

@ -26,7 +26,7 @@ jobs:
checks: write
pull-requests: write
steps:
- uses: LouisBrunner/checks-action@v1.1.1
- uses: LouisBrunner/checks-action@442ad2296fb110373e3fe01c2a3717b546583631 # tag: v1.1.1
with:
token: ${{ secrets.GITHUB_TOKEN }}
name: electron-woa-testing
@ -39,7 +39,7 @@ jobs:
Remove-Item * -Recurse -Force
shell: powershell
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag: v3
with:
path: src\electron
fetch-depth: 0
@ -134,7 +134,7 @@ jobs:
run: |
Remove-Item -path $env:APPDATA/Electron* -Recurse -Force -ErrorAction Ignore
shell: powershell
- uses: LouisBrunner/checks-action@v1.1.1
- uses: LouisBrunner/checks-action@442ad2296fb110373e3fe01c2a3717b546583631 # tag: v1.1.1
if: ${{ success() }}
with:
token: ${{ secrets.GITHUB_TOKEN }}
@ -143,7 +143,7 @@ jobs:
details_url: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
output: |
{"summary":"${{ job.status }}","text_description":"See job details here: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"}
- uses: LouisBrunner/checks-action@v1.1.1
- uses: LouisBrunner/checks-action@442ad2296fb110373e3fe01c2a3717b546583631 # tag: v1.1.1
if: ${{ success() }}
with:
token: ${{ secrets.GITHUB_TOKEN }}
@ -152,7 +152,7 @@ jobs:
details_url: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
output: |
{"summary":"Job Succeeded","text_description":"See job details here: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"}
- uses: LouisBrunner/checks-action@v1.1.1
- uses: LouisBrunner/checks-action@442ad2296fb110373e3fe01c2a3717b546583631 # tag: v1.1.1
if: ${{ ! success() }}
with:
token: ${{ secrets.GITHUB_TOKEN }}