From 5a0c70190ff22537411c95994df55e6349420ece Mon Sep 17 00:00:00 2001 From: Ivan Date: Sun, 21 Sep 2025 02:20:58 -0500 Subject: [PATCH] Add full-length commit hashes for actions for improved supply chain security. --- .github/workflows/build.yml | 10 +++++----- .github/workflows/go-test.yml | 4 ++-- .github/workflows/gosec.yml | 2 +- .github/workflows/revive.yml | 4 ++-- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 6b39878..368f9ec 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -27,10 +27,10 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 - name: Set up Go - uses: actions/setup-go@v5 + uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 with: go-version: '1.24' @@ -58,7 +58,7 @@ jobs: echo "Calculated SHA256 for ${output_name}" - name: Upload Artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 with: name: reticulum-go-${{ matrix.goos }}-${{ matrix.goarch }} path: reticulum-go-${{ matrix.goos }}-${{ matrix.goarch }}* @@ -74,7 +74,7 @@ jobs: steps: - name: Download All Build Artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 with: path: ./release-assets @@ -82,6 +82,6 @@ jobs: run: ls -R ./release-assets - name: Create GitHub Release - uses: softprops/action-gh-release@v2 + uses: softprops/action-gh-release@6cbd405e2c4e67a21c47fa9e383d020e4e28b836 with: files: ./release-assets/*/* diff --git a/.github/workflows/go-test.yml b/.github/workflows/go-test.yml index 8b6b11c..c799052 100644 --- a/.github/workflows/go-test.yml +++ b/.github/workflows/go-test.yml @@ -16,10 +16,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Source - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 - name: Set up Go 1.24 - uses: actions/setup-go@v4 + uses: actions/setup-go@19bb51245e9c80abacb2e91cc42b33fa478b8639 with: go-version: '1.24' diff --git a/.github/workflows/gosec.yml b/.github/workflows/gosec.yml index 71a50c1..b887cf2 100644 --- a/.github/workflows/gosec.yml +++ b/.github/workflows/gosec.yml @@ -15,7 +15,7 @@ jobs: GO111MODULE: on steps: - name: Checkout Source - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 - name: Run Gosec Security Scanner uses: securego/gosec@master with: diff --git a/.github/workflows/revive.yml b/.github/workflows/revive.yml index 5f3a025..a09dc46 100644 --- a/.github/workflows/revive.yml +++ b/.github/workflows/revive.yml @@ -14,10 +14,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 - name: Set up Go - uses: actions/setup-go@v5 + uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 with: go-version: '1.24'