Fix pinning of github actions (#5213)

It is recommended to pin github actions with hash so that an action is not posing an unknown security risk (as the actions itself is not written by us). Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2025-10-27 08:14:18 -04:00 · 2022-03-01 11:32:00 -08:00
parent 402c08fea0
commit 6c26446bb7
11 changed files with 28 additions and 28 deletions
--- a/.github/workflows/go.coverage.yml
+++ b/.github/workflows/go.coverage.yml
@@ -6,13 +6,13 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Install Go
-        uses: actions/setup-go@v2
+        uses: actions/setup-go@bfdd3570ce990073878bf10f6b2d79082de49492
        with:
          go-version: '1.17.0'
        id: go

      - name: Check out code
-        uses: actions/checkout@v2
+        uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579

      - name: Build
        run: go build -v ./...
@@ -24,4 +24,4 @@ jobs:
          done

      - name: Upload coverage to Codecov
-        uses: codecov/codecov-action@v2.1.0
+        uses: codecov/codecov-action@f32b3a3741e1053eb607407145bc9619351dc93b