Commit 05c7973
committed
ci: pin all GitHub Actions to commit SHAs
Pin remaining actions that were using mutable tags to specific commit
SHAs for supply chain security. This ensures CI runs are reproducible
and not vulnerable to tag hijacking.
Actions pinned:
- actions/checkout@v6 -> de0fac2e (v6.0.2)
- astral-sh/setup-uv@v7.2.1 -> 803947b9
- anthropics/claude-code-action@v1 -> 2f8ba26a (v1.0.53)
Affected workflows:
- weekly-lockfile-update.yml
- claude.yml
- claude-code-review.yml1 parent b9431d4 commit 05c7973
File tree
3 files changed
+6
-6
lines changed- .github/workflows
3 files changed
+6
-6
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
19 | 19 | | |
20 | 20 | | |
21 | 21 | | |
22 | | - | |
| 22 | + | |
23 | 23 | | |
24 | 24 | | |
25 | 25 | | |
26 | 26 | | |
27 | 27 | | |
28 | | - | |
| 28 | + | |
29 | 29 | | |
30 | 30 | | |
31 | 31 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
27 | 27 | | |
28 | 28 | | |
29 | 29 | | |
30 | | - | |
| 30 | + | |
31 | 31 | | |
32 | 32 | | |
33 | 33 | | |
34 | 34 | | |
35 | 35 | | |
36 | | - | |
| 36 | + | |
37 | 37 | | |
38 | 38 | | |
39 | 39 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
14 | 14 | | |
15 | 15 | | |
16 | 16 | | |
17 | | - | |
| 17 | + | |
18 | 18 | | |
19 | | - | |
| 19 | + | |
20 | 20 | | |
21 | 21 | | |
22 | 22 | | |
| |||
0 commit comments