search

redhat-developer / intellij-common

4 stars 11 forks source link

chore: Pin 3rd-party actions to SHA1 #177

Closed fbricon closed 1 year ago

fbricon commented 1 year ago

Hi!

Following the GH Action Security Hardening guide we should use the commit SHA instead of the branch or tag for any third-party untrusted action.

This PR was submitted by a script.

sonarcloud[bot] commented 1 year ago

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

sonarcloud[bot] commented 1 year ago

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information