Closed evansims closed 1 year ago
This PR pins the gradle/wrapper-validation-action third-party action to a full-length commit SHA — that of release 1.0.6.
gradle/wrapper-validation-action
Pinning an action to a full-length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository. https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions
This PR also updates the official actions/checkout action to use the newer v3 release.
actions/checkout
This PR pins the
gradle/wrapper-validation-action
third-party action to a full-length commit SHA — that of release 1.0.6.Pinning an action to a full-length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository. https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions
This PR also updates the official
actions/checkout
action to use the newer v3 release.