diff --git a/.github/workflows/ScanSecrets.yaml b/.github/workflows/ScanSecrets.yaml index 7b9441c892a..f2851be493b 100644 --- a/.github/workflows/ScanSecrets.yaml +++ b/.github/workflows/ScanSecrets.yaml @@ -11,10 +11,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 10 - name: Secret Scanning - uses: trufflesecurity/trufflehog@main + uses: trufflesecurity/trufflehog@6171fa9f6676edf21e15bba41f049b18399d7372 # main with: extra_args: --exclude-paths=.script/SecretScanning/Excludepathlist --only-verified diff --git a/.github/workflows/addCommentToRemindUpdatingTemplateVersion.yml b/.github/workflows/addCommentToRemindUpdatingTemplateVersion.yml index 28f4b8628a2..06ab518a5c6 100644 --- a/.github/workflows/addCommentToRemindUpdatingTemplateVersion.yml +++ b/.github/workflows/addCommentToRemindUpdatingTemplateVersion.yml @@ -15,7 +15,7 @@ jobs: hasAutoDetectionComment: ${{ steps.job1.outputs.hasAutoDetectionComment }} steps: - name: Find Comment - uses: peter-evans/find-comment@v3 + uses: peter-evans/find-comment@3eae4d37986fb5a8592848f6a574fdf654e61f9e # v3 id: fc with: issue-number: ${{ github.event.pull_request.number }} diff --git a/.github/workflows/aws-s3-bundle-update.yaml b/.github/workflows/aws-s3-bundle-update.yaml index 3918a7de569..7d4cf49ec16 100644 --- a/.github/workflows/aws-s3-bundle-update.yaml +++ b/.github/workflows/aws-s3-bundle-update.yaml @@ -33,13 +33,13 @@ jobs: steps: - name: Generate a token id: generate_token - uses: actions/create-github-app-token@v1 + uses: actions/create-github-app-token@d72941d797fd3113feb6b93fd0dec494b13a2547 # v1 with: app-id: ${{ secrets.APPLICATION_ID }} private-key: ${{ secrets.APPLICATION_PRIVATE_KEY }} - name: Checkout PR branch with sparse checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: token: ${{ steps.generate_token.outputs.token }} ref: ${{ github.event.pull_request.head.ref }} diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 18858f8dc00..30836bdba17 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -38,11 +38,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@5c8a8a642e79153f5d047b10ec1cba1d1cc65699 # v3 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -53,7 +53,7 @@ jobs: # ℹ️ Setup DotNet Versions to building C# projects - name: Setup DotNet Versions - uses: actions/setup-dotnet@v5 + uses: actions/setup-dotnet@c2fa09f4bde5ebb9d1777cf28262a3eb3db3ced7 # v5 with: dotnet-version: | 6.0.x @@ -64,7 +64,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v3 + uses: github/codeql-action/autobuild@5c8a8a642e79153f5d047b10ec1cba1d1cc65699 # v3 # ℹ️ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -78,4 +78,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@5c8a8a642e79153f5d047b10ec1cba1d1cc65699 # v3 diff --git a/.github/workflows/content-validations.yaml b/.github/workflows/content-validations.yaml index 2434e252af7..d4e980fb2af 100644 --- a/.github/workflows/content-validations.yaml +++ b/.github/workflows/content-validations.yaml @@ -21,7 +21,7 @@ jobs: GITHUBAPPPRIVATEKEY: ${{ secrets.APPLICATION_PRIVATE_KEY }} SYSTEM_PULLREQUEST_ISFORK: ${{ github.event.pull_request.head.repo.fork }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 2 # Only need HEAD and parent for git diff - run: npm install -g npm@6.14.18;which npm;npm -v diff --git a/.github/workflows/convertKqlFunctionYamlToArmTemplate.yaml b/.github/workflows/convertKqlFunctionYamlToArmTemplate.yaml index 9f156509ac6..acdc32e8612 100644 --- a/.github/workflows/convertKqlFunctionYamlToArmTemplate.yaml +++ b/.github/workflows/convertKqlFunctionYamlToArmTemplate.yaml @@ -49,12 +49,12 @@ jobs: persist-credentials: false # otherwise, the token used is the GITHUB_TOKEN, instead of your personal access token. fetch-depth: 0 # otherwise, there would be errors pushing refs to the destination repository. - name: Install python - uses: actions/setup-python@v3 + uses: actions/setup-python@3542bca2639a428e1796aaa6a2ffef0c0f575566 # v3 with: python-version: "3.x" architecture: "x64" - name: Install yamale package - uses: BSFishy/pip-action@v1 + uses: BSFishy/pip-action@8f2d471d809dc20b6ada98c91910b6ae6243f318 # v1 with: packages: | yamale @@ -88,14 +88,14 @@ jobs: echo "Arm templates were changed. Changes were committed" fi - name: Push changes - uses: ad-m/github-push-action@master + uses: ad-m/github-push-action@4cc74773234f74829a8c21bc4d69dd4be9cfa599 # master if: ${{ env.armTemplatesChanged == 'true' }} with: github_token: ${{ steps.generate_token.outputs.token }} repository: ${{github.event.pull_request.head.repo.full_name}} branch: ${{ github.head_ref }} - name: Add comment - uses: mshick/add-pr-comment@v1 + uses: mshick/add-pr-comment@a96c578acba98b60f16c6866d5f20478dc4ef68b # v1 if: ${{ env.armTemplatesChanged == 'true' }} with: message: | diff --git a/.github/workflows/data-connector-validations.yaml b/.github/workflows/data-connector-validations.yaml index 38d088c338f..6cfda303d1e 100644 --- a/.github/workflows/data-connector-validations.yaml +++ b/.github/workflows/data-connector-validations.yaml @@ -21,7 +21,7 @@ jobs: GITHUBAPPPRIVATEKEY: ${{ secrets.APPLICATION_PRIVATE_KEY }} SYSTEM_PULLREQUEST_ISFORK: ${{ github.event.pull_request.head.repo.fork }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 2 # Need HEAD and parent for git diff - run: npm install -g npm@6.14.18;which npm;npm -v diff --git a/.github/workflows/detection-template-schema-validations.yaml b/.github/workflows/detection-template-schema-validations.yaml index 9af04ce3bb6..09d49130595 100644 --- a/.github/workflows/detection-template-schema-validations.yaml +++ b/.github/workflows/detection-template-schema-validations.yaml @@ -17,11 +17,11 @@ jobs: dotnetSdkVersion: 3.1.401 PRNUM: ${{ github.event.pull_request.number }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 2 # Need HEAD and parent for git diff - name: Use .NET Core SDK ${{ env.dotnetSdkVersion }} - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4 with: dotnet-version: ${{ env.dotnetSdkVersion }} - name: Run Detection template structure validation tests diff --git a/.github/workflows/detection-validations.yaml b/.github/workflows/detection-validations.yaml index ecdaad82492..4ce04be7ec1 100644 --- a/.github/workflows/detection-validations.yaml +++ b/.github/workflows/detection-validations.yaml @@ -21,7 +21,7 @@ jobs: GITHUBAPPPRIVATEKEY: ${{ secrets.APPLICATION_PRIVATE_KEY }} SYSTEM_PULLREQUEST_ISFORK: ${{ github.event.pull_request.head.repo.fork }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 2 # Only need HEAD and parent for git diff - run: npm install -g npm@6.14.18;which npm;npm -v diff --git a/.github/workflows/documents-link-validation.yaml b/.github/workflows/documents-link-validation.yaml index 6fa362a884b..887ed7e57bd 100644 --- a/.github/workflows/documents-link-validation.yaml +++ b/.github/workflows/documents-link-validation.yaml @@ -21,7 +21,7 @@ jobs: GITHUBAPPPRIVATEKEY: ${{ secrets.APPLICATION_PRIVATE_KEY }} SYSTEM_PULLREQUEST_ISFORK: ${{ github.event.pull_request.head.repo.fork }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 2 # Only need HEAD and parent for git diff - run: npm install -g npm@6.14.18;which npm;npm -v diff --git a/.github/workflows/json-syntax-validation.yaml b/.github/workflows/json-syntax-validation.yaml index 8df081c8f28..c7d13ae7d94 100644 --- a/.github/workflows/json-syntax-validation.yaml +++ b/.github/workflows/json-syntax-validation.yaml @@ -21,7 +21,7 @@ jobs: GITHUBAPPPRIVATEKEY: ${{ secrets.APPLICATION_PRIVATE_KEY }} SYSTEM_PULLREQUEST_ISFORK: ${{ github.event.pull_request.head.repo.fork }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 2 # Only need HEAD and parent for git diff - run: npm install -g npm@6.14.18;which npm;npm -v diff --git a/.github/workflows/kql-validations.yaml b/.github/workflows/kql-validations.yaml index 759c905945c..01956b1f2ca 100644 --- a/.github/workflows/kql-validations.yaml +++ b/.github/workflows/kql-validations.yaml @@ -17,11 +17,11 @@ jobs: dotnetSdkVersion: 6.0.x PRNUM: ${{ github.event.pull_request.number }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 2 # Need HEAD and parent for git diff - name: Use .NET Core SDK ${{ env.dotnetSdkVersion }} - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4 with: dotnet-version: ${{ env.dotnetSdkVersion }} - name: Run KQL Validation tests diff --git a/.github/workflows/logo-validation.yaml b/.github/workflows/logo-validation.yaml index 748d9d8644a..dc359f91f86 100644 --- a/.github/workflows/logo-validation.yaml +++ b/.github/workflows/logo-validation.yaml @@ -21,7 +21,7 @@ jobs: GITHUBAPPPRIVATEKEY: ${{ secrets.APPLICATION_PRIVATE_KEY }} SYSTEM_PULLREQUEST_ISFORK: ${{ github.event.pull_request.head.repo.fork }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 2 # Only need HEAD and parent for git diff - run: npm install -g npm@6.14.18;which npm;npm -v diff --git a/.github/workflows/non-ascii-validations.yaml b/.github/workflows/non-ascii-validations.yaml index e25b71a2e37..d65e7f12294 100644 --- a/.github/workflows/non-ascii-validations.yaml +++ b/.github/workflows/non-ascii-validations.yaml @@ -17,11 +17,11 @@ jobs: buildConfiguration: Release dotnetSdkVersion: 3.1.401 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 2 # Need HEAD and parent for git diff - name: Use .NET Core SDK ${{ env.dotnetSdkVersion }} - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4 with: dotnet-version: ${{ env.dotnetSdkVersion }} - name: Run Non-Ascii validation tests diff --git a/.github/workflows/playbook-validations.yaml b/.github/workflows/playbook-validations.yaml index 94a2d958371..5b1b4488147 100644 --- a/.github/workflows/playbook-validations.yaml +++ b/.github/workflows/playbook-validations.yaml @@ -21,7 +21,7 @@ jobs: GITHUBAPPPRIVATEKEY: ${{ secrets.APPLICATION_PRIVATE_KEY }} SYSTEM_PULLREQUEST_ISFORK: ${{ github.event.pull_request.head.repo.fork }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 2 # Only need HEAD and parent for git diff - run: npm install -g npm@6.14.18;which npm;npm -v diff --git a/.github/workflows/runAsimSchemaAndDataTesters.yaml b/.github/workflows/runAsimSchemaAndDataTesters.yaml index 984ec9a76fc..8623ba51a60 100644 --- a/.github/workflows/runAsimSchemaAndDataTesters.yaml +++ b/.github/workflows/runAsimSchemaAndDataTesters.yaml @@ -46,7 +46,7 @@ jobs: steps: - name: Checkout pull request branch if: github.event.pull_request != null - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: ref: ${{ github.event.pull_request.head.sha }} repository: ${{ github.event.pull_request.head.repo.full_name }} @@ -237,7 +237,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout pull request branch - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: ref: ${{github.event.pull_request.head.sha}} repository: ${{github.event.pull_request.head.repo.full_name}} @@ -257,7 +257,7 @@ jobs: exit 1 fi - name: Set up Python - uses: actions/setup-python@v2 + uses: actions/setup-python@e9aba2c848f5ebd159c070c61ea2c4e2b122355e # v2 with: python-version: '3.x' - name: Install dependencies @@ -288,7 +288,7 @@ jobs: contents: read steps: - name: Checkout pull request branch - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: ref: ${{github.event.pull_request.head.sha}} repository: ${{github.event.pull_request.head.repo.full_name}} @@ -308,7 +308,7 @@ jobs: exit 1 fi - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: python-version: '3.x' - name: Install dependencies @@ -320,7 +320,7 @@ jobs: pip install azure-monitor-ingestion pip install azure-core - name: Login to Azure Public Cloud - uses: azure/login@v2 + uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2 with: client-id: ${{ secrets.AZURE_ASIM_CLIENT_ID }} tenant-id: ${{ secrets.AZURE_TENANT_ID }} @@ -349,7 +349,7 @@ jobs: contents: read steps: - name: Checkout pull request branch - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: ref: ${{ github.event.pull_request.head.sha }} repository: ${{ github.event.pull_request.head.repo.full_name }} @@ -357,7 +357,7 @@ jobs: fetch-depth: 0 # otherwise, there would be errors pushing refs to the destination repository. - name: Login to Azure Public Cloud with AzPowershell - uses: azure/login@v2 + uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2 with: client-id: ${{ secrets.AZURE_ASIM_CLIENT_ID }} tenant-id: ${{ secrets.AZURE_TENANT_ID }} @@ -379,7 +379,7 @@ jobs: exit 1 fi - name: Run ASIM Schema and Data tests PowerShell script - uses: azure/powershell@v2 + uses: azure/powershell@53dd145408794f7e80f97cfcca04155c85234709 # v2 with: inlineScript: | $filePath = ".script/tests/asimParsersTest/runAsimTesters.ps1" @@ -413,7 +413,7 @@ jobs: contents: read steps: - name: Checkout pull request branch - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: ref: ${{ github.event.pull_request.head.sha }} repository: ${{ github.event.pull_request.head.repo.full_name }} @@ -433,7 +433,7 @@ jobs: exit 1 fi - name: Setup Python - uses: actions/setup-python@v2 + uses: actions/setup-python@e9aba2c848f5ebd159c070c61ea2c4e2b122355e # v2 with: python-version: '3.x' - name: Install dependencies @@ -443,7 +443,7 @@ jobs: pip install azure-identity pip install azure-monitor-query - name: Login to Azure Public Cloud - uses: azure/login@v2 + uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2 with: client-id: ${{ secrets.AZURE_ASIM_CLIENT_ID }} tenant-id: ${{ secrets.AZURE_TENANT_ID }} diff --git a/.github/workflows/sample-data-validation.yaml b/.github/workflows/sample-data-validation.yaml index 01ac308e6f9..6fc96ad4fe6 100644 --- a/.github/workflows/sample-data-validation.yaml +++ b/.github/workflows/sample-data-validation.yaml @@ -21,10 +21,10 @@ jobs: GITHUBAPPPRIVATEKEY: ${{ secrets.APPLICATION_PRIVATE_KEY }} SYSTEM_PULLREQUEST_ISFORK: ${{ github.event.pull_request.head.repo.fork }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 2 # Only need HEAD and parent for git diff - - uses: actions/setup-node@v4 + - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: "20" cache: "npm" diff --git a/.github/workflows/slash-command-armttk.yaml b/.github/workflows/slash-command-armttk.yaml index 6a9e01fb620..d28bb5c24ff 100644 --- a/.github/workflows/slash-command-armttk.yaml +++ b/.github/workflows/slash-command-armttk.yaml @@ -21,7 +21,7 @@ jobs: steps: - name: Get PR details and validate id: get-pr - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 with: script: | const { data: pr } = await github.rest.pulls.get({ diff --git a/.github/workflows/solution-validations.yaml b/.github/workflows/solution-validations.yaml index ad37bebf210..ea27cc43360 100644 --- a/.github/workflows/solution-validations.yaml +++ b/.github/workflows/solution-validations.yaml @@ -21,7 +21,7 @@ jobs: GITHUBAPPPRIVATEKEY: ${{ secrets.APPLICATION_PRIVATE_KEY }} SYSTEM_PULLREQUEST_ISFORK: ${{ github.event.pull_request.head.repo.fork }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 2 # Only need HEAD and parent for git diff - run: npm install -g npm@6.14.18;which npm;npm -v diff --git a/.github/workflows/solutionIntegration.yaml b/.github/workflows/solutionIntegration.yaml index 225a505dcfc..d56dc8f073d 100644 --- a/.github/workflows/solutionIntegration.yaml +++ b/.github/workflows/solutionIntegration.yaml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout pull request branch - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: ref: ${{ github.event.pull_request.head.ref }} repository: ${{ github.event.pull_request.head.repo.full_name }} @@ -64,7 +64,7 @@ jobs: "https://dev.azure.com/msazure/One/_apis/git/repositories/Sentinel-CATUtilities/items?path=/SolutionIntegrationTesting/config.json&api-version=6.0" - name: Setup Python Environment - uses: actions/setup-python@v2 + uses: actions/setup-python@e9aba2c848f5ebd159c070c61ea2c4e2b122355e # v2 with: python-version: '3.x' diff --git a/.github/workflows/validateVersionChangedInDetections.yml b/.github/workflows/validateVersionChangedInDetections.yml index ad1272b781e..f7a205484ce 100644 --- a/.github/workflows/validateVersionChangedInDetections.yml +++ b/.github/workflows/validateVersionChangedInDetections.yml @@ -20,7 +20,7 @@ jobs: # check out and run the script steps: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - - uses: actions/checkout@v1 + - uses: actions/checkout@50fbc622fc4ef5163becd7fab6573eac35f8462e # v1 - name: Check that template version was updated run: bash .script/checkThatTemplatesVersionWasChanged.sh diff --git a/.github/workflows/workbook-metadata-validations.yaml b/.github/workflows/workbook-metadata-validations.yaml index 5b4dc648c63..24269739929 100644 --- a/.github/workflows/workbook-metadata-validations.yaml +++ b/.github/workflows/workbook-metadata-validations.yaml @@ -21,7 +21,7 @@ jobs: GITHUBAPPPRIVATEKEY: ${{ secrets.APPLICATION_PRIVATE_KEY }} SYSTEM_PULLREQUEST_ISFORK: ${{ github.event.pull_request.head.repo.fork }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 2 # Only need HEAD and parent for git diff - run: npm install -g npm@6.14.18;which npm;npm -v diff --git a/.github/workflows/workbook-template-validations.yaml b/.github/workflows/workbook-template-validations.yaml index 253e3a772bb..0dfdb522b2c 100644 --- a/.github/workflows/workbook-template-validations.yaml +++ b/.github/workflows/workbook-template-validations.yaml @@ -21,7 +21,7 @@ jobs: GITHUBAPPPRIVATEKEY: ${{ secrets.APPLICATION_PRIVATE_KEY }} SYSTEM_PULLREQUEST_ISFORK: ${{ github.event.pull_request.head.repo.fork }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 2 # Only need HEAD and parent for git diff - run: npm install -g npm@6.14.18;which npm;npm -v diff --git a/.github/workflows/yaml-syntax-validation.yaml b/.github/workflows/yaml-syntax-validation.yaml index 59e57730764..9e2d831b214 100644 --- a/.github/workflows/yaml-syntax-validation.yaml +++ b/.github/workflows/yaml-syntax-validation.yaml @@ -21,7 +21,7 @@ jobs: GITHUBAPPPRIVATEKEY: ${{ secrets.APPLICATION_PRIVATE_KEY }} SYSTEM_PULLREQUEST_ISFORK: ${{ github.event.pull_request.head.repo.fork }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 2 # Only need HEAD and parent for git diff - run: npm install -g npm@6.14.18;which npm;npm -v