CI: pin actions

This is considered a better practice security-wise since hashes are immutable.
Dependabot handles updating hashes the same way, so there should be no problem
updating actions.
This commit is contained in:
XhmikosR
2025-09-17 07:34:51 +03:00
parent 2497d5406e
commit 44da0697fb
4 changed files with 13 additions and 13 deletions

View File

@@ -9,9 +9,9 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Clone repository
uses: actions/checkout@v5
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
persist-credentials: false
- name: Dependency Review
uses: actions/dependency-review-action@v4
uses: actions/dependency-review-action@595b5aeba73380359d98a5e087f648dbb0edce1b # v4.7.3