This is an automated email from the ASF dual-hosted git repository.
acosentino pushed a commit to branch commit-sha-workflow-sync-dependabot-branch
in repository https://gitbox.apache.org/repos/asf/camel-quarkus.git
commit 3668435ac25d0f1d26049b5c40594dbb35ba2880
Author: Andrea Cosentino <anco...@gmail.com>
AuthorDate: Tue Sep 3 07:55:51 2024 +0200
Github Actions Security Best practices: Pin Actions to Full lenght Commit
SHA - Sync Dependabot Branch Workflow
---
.github/workflows/synchronize-dependabot-branch.yaml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/synchronize-dependabot-branch.yaml
b/.github/workflows/synchronize-dependabot-branch.yaml
index 9cfd7065a5..42d9ae2c46 100644
--- a/.github/workflows/synchronize-dependabot-branch.yaml
+++ b/.github/workflows/synchronize-dependabot-branch.yaml
@@ -34,7 +34,7 @@ jobs:
steps:
- name: Download dependabot pull request changes
id: download-pr-changes
- uses: actions/github-script@v7
+ uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea #
v7.0.1
with:
result-encoding: string
script: |
@@ -74,7 +74,7 @@ jobs:
echo "pr-number=$(cat /home/runner/work/dependabot-pr/PR_NUMBER)"
>> $GITHUB_OUTPUT
fi
- name: Checkout dependabot branch
- uses: actions/checkout@v4
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #
v4.1.7
if: steps.setup-dependabot-patches.outputs.branch-ref != ''
with:
ref: ${{ steps.setup-dependabot-patches.outputs.branch-ref }}
@@ -108,7 +108,7 @@ jobs:
pull-requests: write
steps:
- name: Trigger dependabot pull request workflow
- uses: actions/github-script@v7
+ uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea #
v7.0.1
with:
script: |
await github.rest.actions.reRunWorkflow({
