diff options
author | Topi Miettinen <toiwoton@gmail.com> | 2021-12-13 14:41:24 +0200 |
---|---|---|
committer | Topi Miettinen <topimiettinen@users.noreply.github.com> | 2021-12-26 21:52:05 +0000 |
commit | 4bac5c6d716fcaf2542361e5fb56a4e39586b376 (patch) | |
tree | 38331c4d90f0c1343f6e81b99fbd89317959bf14 /.github/workflows/build.yml | |
parent | Fix a typo (diff) | |
download | firejail-4bac5c6d716fcaf2542361e5fb56a4e39586b376.tar.gz firejail-4bac5c6d716fcaf2542361e5fb56a4e39586b376.tar.zst firejail-4bac5c6d716fcaf2542361e5fb56a4e39586b376.zip |
CI: pin GitHub actions to SHAs
Pinning actions to SHAs instead of versions improves the supply chain
security:
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
Diffstat (limited to '.github/workflows/build.yml')
-rw-r--r-- | .github/workflows/build.yml | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 141e43168..f321b5f7f 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml | |||
@@ -22,7 +22,7 @@ jobs: | |||
22 | build_and_test: | 22 | build_and_test: |
23 | runs-on: ubuntu-20.04 | 23 | runs-on: ubuntu-20.04 |
24 | steps: | 24 | steps: |
25 | - uses: actions/checkout@v2 | 25 | - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 |
26 | - name: install dependencies | 26 | - name: install dependencies |
27 | run: sudo apt-get install gcc-11 libapparmor-dev libselinux1-dev expect xzdec | 27 | run: sudo apt-get install gcc-11 libapparmor-dev libselinux1-dev expect xzdec |
28 | - name: configure | 28 | - name: configure |