From cf2552e0193c4b1a8a17a9c804915c1f72f2e707 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mat=C3=ADas=20Insaurralde?= Date: Sun, 14 Jun 2026 00:14:24 -0300 Subject: [PATCH] ci: pin GitHub Actions to commit SHAs in release workflow MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Matías Insaurralde --- .github/workflows/release.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 269b6928b0..d89ca7c7be 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -60,23 +60,23 @@ jobs: cli: ${{ steps.cli.outputs.release }} steps: - name: Checkout Repo - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 - name: Parse .tool-versions - uses: wistia/parse-tool-versions@v2.1.1 + uses: wistia/parse-tool-versions@32f568a4ffd4bfa7720ebf93f171597d1ebc979a # v2.1.1 with: filename: '.tool-versions' uppercase: 'true' prefix: 'tool_version_' - name: Install pnpm - uses: pnpm/action-setup@v4 + uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0 id: pnpm-install with: version: '${{ env.TOOL_VERSION_PNPM }}' - name: Setup Node - uses: actions/setup-node@v6 + uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: node-version: '${{ env.TOOL_VERSION_NODEJS }}' registry-url: 'https://registry.npmjs.org' @@ -153,7 +153,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Release Failed - Slack Notification - uses: rtCamp/action-slack-notify@v2 + uses: rtCamp/action-slack-notify@33ca3be66c6f378fe1610fd1d5258632dbed5e58 # v2.4.0 env: SLACK_COLOR: '#ff0000' SLACK_MESSAGE: ':here-we-go-again: :bob-the-destroyer: We need :fix-parrot: ASAP :pray:'