diff options
| author |  Topi Miettinen <toiwoton@gmail.com> | 2021-12-13 14:41:24 +0200 |
|---|---|---|
| committer |  Topi Miettinen <topimiettinen@users.noreply.github.com> | 2021-12-26 21:52:05 +0000 |
| commit | 4bac5c6d716fcaf2542361e5fb56a4e39586b376 (patch) | |
| tree | 38331c4d90f0c1343f6e81b99fbd89317959bf14 /.github/workflows/profile-checks.yml | |
| parent | Fix a typo (diff) | |
| download | firejail-4bac5c6d716fcaf2542361e5fb56a4e39586b376.tar.gz firejail-4bac5c6d716fcaf2542361e5fb56a4e39586b376.tar.zst firejail-4bac5c6d716fcaf2542361e5fb56a4e39586b376.zip | |
CI: pin GitHub actions to SHAs
Pinning actions to SHAs instead of versions improves the supply chain
security:
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
Diffstat (limited to '.github/workflows/profile-checks.yml')
| -rw-r--r-- | .github/workflows/profile-checks.yml | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/.github/workflows/profile-checks.yml b/.github/workflows/profile-checks.yml index 951a8b8cf..57a978d55 100644 --- a/.github/workflows/profile-checks.yml +++ b/.github/workflows/profile-checks.yml | |||
| @@ -20,7 +20,7 @@ jobs: | |||
| 20 | profile-checks: | 20 | profile-checks: |
| 21 | runs-on: ubuntu-20.04 | 21 | runs-on: ubuntu-20.04 |
| 22 | steps: | 22 | steps: |
| 23 | - uses: actions/checkout@v2 | 23 | - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 |
| 24 | - name: sort.py | 24 | - name: sort.py |
| 25 | run: ./ci/check/profiles/sort.py etc/inc/*.inc etc/{profile-a-l,profile-m-z}/*.profile | 25 | run: ./ci/check/profiles/sort.py etc/inc/*.inc etc/{profile-a-l,profile-m-z}/*.profile |
| 26 | - name: private-etc-always-required.sh | 26 | - name: private-etc-always-required.sh |