[StepSecurity] ci: Harden GitHub Actions

Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2024-10-16 05:53:03 +00:00
parent 8b41368e7b
commit bff82e1968
12 changed files with 78 additions and 78 deletions
--- a/.github/workflows/links.yml
+++ b/.github/workflows/links.yml
@@ -18,9 +18,9 @@ jobs:
    name: lychee
    timeout-minutes: 15
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1

-      - uses: lycheeverse/lychee-action@v1.10.0
+      - uses: lycheeverse/lychee-action@2b973e86fc7b1f6b36a93795fe2c9c6ae1118621 # v1.10.0
        with:
          # Fail action on broken links
          fail: true