This is an automated email from the ASF dual-hosted git repository.
ggregory pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-crypto.git
The following commit(s) were added to refs/heads/master by this push:
new be0da6f [StepSecurity] Apply security best practices (#234)
be0da6f is described below
commit be0da6f738e39de685bfaee4c62ef403eeb4eb77
Author: StepSecurity Bot <b...@stepsecurity.io>
AuthorDate: Fri Jul 21 07:52:24 2023 -0700
[StepSecurity] Apply security best practices (#234)
* [StepSecurity] Apply security best practices
Signed-off-by: StepSecurity Bot <b...@stepsecurity.io>
* Delete dependency-review.yml
---------
Signed-off-by: StepSecurity Bot <b...@stepsecurity.io>
Co-authored-by: Gary Gregory <garydgreg...@users.noreply.github.com>
---
.github/workflows/adhoctest.yml | 3 +++
src/docker/Dockerfile | 2 +-
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/adhoctest.yml b/.github/workflows/adhoctest.yml
index 4a355c8..065a9a5 100644
--- a/.github/workflows/adhoctest.yml
+++ b/.github/workflows/adhoctest.yml
@@ -25,6 +25,9 @@ on:
paths:
- '**/workflows/adhoctest.yml'
+permissions:
+ contents: read
+
jobs:
build:
diff --git a/src/docker/Dockerfile b/src/docker/Dockerfile
index 943a1c6..eb5c9ad 100644
--- a/src/docker/Dockerfile
+++ b/src/docker/Dockerfile
@@ -17,7 +17,7 @@
# for Linux 64-bit and 32-bit, and Windows 64-bit and 32-bit.
# See the README for further details.
-FROM ubuntu:18.04
+FROM
ubuntu:18.04@sha256:152dc042452c496007f07ca9127571cb9c29697f42acbfad72324b2bb2e43c98
ENV JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
ENV MAVEN_HOME=/opt/maven
