diff --git a/.github/workflows/ossf-scorecard.yml b/.github/workflows/ossf-scorecard.yml index 5523b3e..8240ef7 100644 --- a/.github/workflows/ossf-scorecard.yml +++ b/.github/workflows/ossf-scorecard.yml @@ -24,7 +24,7 @@ jobs: id-token: write steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false - uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3 diff --git a/.github/workflows/semgrep_diff.yml b/.github/workflows/semgrep_diff.yml index d52c413..54a6219 100644 --- a/.github/workflows/semgrep_diff.yml +++ b/.github/workflows/semgrep_diff.yml @@ -29,7 +29,7 @@ jobs: steps: # Step 1: Clone application source code - name: Checkout code - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 diff --git a/.github/workflows/sync-code-of-conduct.yml b/.github/workflows/sync-code-of-conduct.yml index cd17cba..86a95c5 100644 --- a/.github/workflows/sync-code-of-conduct.yml +++ b/.github/workflows/sync-code-of-conduct.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest if: github.repository_owner == 'adoptium' steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: ref: 'main'