Security hardening: lock community action versions
As there's no lockfile for GitHub Actions, specify the commit SHAs to use for community actions so that changes can be reviewed before using a new version of a particular action.
This commit is contained in:
parent
d5d9bdf7bf
commit
b3c925a0cf
3 changed files with 16 additions and 16 deletions
2
.github/workflows/unlabel-closed-issues.yml
vendored
2
.github/workflows/unlabel-closed-issues.yml
vendored
|
|
@ -11,7 +11,7 @@ jobs:
|
|||
|
||||
steps:
|
||||
- name: Unlabel the closed issue
|
||||
uses: actions-ecosystem/action-remove-labels@v1
|
||||
uses: actions-ecosystem/action-remove-labels@556e306
|
||||
with:
|
||||
github_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
labels: next
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue