From f627c253669b3167891ed0791b3cfaacc07334ed Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Tue, 31 Mar 2026 10:43:32 +0000 Subject: [PATCH] fix: pin GitHub Actions to full SHA (CLOUDEVOPS-4942) --- .github/workflows/code-analysis.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/code-analysis.yml b/.github/workflows/code-analysis.yml index c070c8e..78b43db 100644 --- a/.github/workflows/code-analysis.yml +++ b/.github/workflows/code-analysis.yml @@ -9,9 +9,9 @@ jobs: spectral: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 - name: CloudGuard Code Security Scan - uses: checkpointsw/spectral-github-action@v4 + uses: checkpointsw/spectral-github-action@9650ea07069ebcb84dcd16236c9c241012ec7f83 # v4 with: spectral-dsn: ${{ env.SPECTRAL_DSN }} spectral-args: scan --fail-on-error --engines secrets,iac,oss --asset-mapping github.${{ github.repository_owner }}