From 918db15b45769128f268756ca5acea6d6496e827 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 13 Dec 2024 02:35:56 +0000 Subject: [PATCH] chore(deps): pin dependencies --- .github/workflows/changeset-prod.yml | 2 +- .github/workflows/codeql.yml | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/changeset-prod.yml b/.github/workflows/changeset-prod.yml index 1603db14..d91f272f 100644 --- a/.github/workflows/changeset-prod.yml +++ b/.github/workflows/changeset-prod.yml @@ -66,7 +66,7 @@ jobs: # open a PR to merge changes into main # when it's merged, trigger the release workflow for the stable channel - name: Create Pull Request - uses: peter-evans/create-pull-request@v6.1.0 + uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0 with: branch: changeset-release/main # base: origin/main diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 5c351d7b..633fdb28 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -58,11 +58,11 @@ jobs: # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} @@ -90,6 +90,6 @@ jobs: exit 1 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3 with: category: "/language:${{matrix.language}}"