mirror of
https://github.com/coredns/coredns.git
synced 2025-12-18 16:15:18 -05:00
Fix pinning of github actions (#5213)
It is recommended to pin github actions with hash so that an action is not posing an unknown security risk (as the actions itself is not written by us). Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
This commit is contained in:
Yong Tang
GitHub
8
.github/workflows/codeql-analysis.yml
vendored
8
.github/workflows/codeql-analysis.yml
vendored
@@ -20,15 +20,15 @@ jobs:
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
|
||||
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v1
|
||||
uses: github/codeql-action/init@75f07e7ab2ee63cba88752d8c696324e4df67466
|
||||
with:
|
||||
languages: ${{ matrix.language }}
|
||||
|
||||
- name: Autobuild
|
||||
uses: github/codeql-action/autobuild@v1
|
||||
uses: github/codeql-action/autobuild@75f07e7ab2ee63cba88752d8c696324e4df67466
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v1
|
||||
uses: github/codeql-action/analyze@75f07e7ab2ee63cba88752d8c696324e4df67466
|
||||
|
||||
Reference in New Issue
Block a user