Skip to content

Commit 40f6dee

Browse files
Raj-StepSecurityRaj-StepSecurity
authored
Merge pull request #40 from step-security/stepsecurity_remediation_1742901381
[StepSecurity] Apply security best practices
2 parents 203ef3d + 4b34b21 commit 40f6dee

File tree

1 file changed

+11
-11
lines changed

1 file changed

+11
-11
lines changed

.github/workflows/test.yml

Lines changed: 11 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -43,13 +43,13 @@ jobs:
4343

4444
steps:
4545
- name: Harden Runner
46-
uses: step-security/harden-runner@v2
46+
uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
4747
with:
4848
egress-policy: audit
4949

50-
- uses: 'actions/checkout@v4'
50+
- uses: 'actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683' # v4.2.2
5151

52-
- uses: 'actions/setup-node@v4'
52+
- uses: 'actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e' # v4.3.0
5353
with:
5454
node-version: '20.x'
5555

@@ -83,13 +83,13 @@ jobs:
8383

8484
steps:
8585
- name: Harden Runner
86-
uses: step-security/harden-runner@v2
86+
uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
8787
with:
8888
egress-policy: audit
8989

90-
- uses: 'actions/checkout@v4'
90+
- uses: 'actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683' # v4.2.2
9191

92-
- uses: 'actions/setup-node@v4'
92+
- uses: 'actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e' # v4.3.0
9393
with:
9494
node-version: '20.x'
9595

@@ -103,7 +103,7 @@ jobs:
103103
project_id: '${{ vars.PROJECT_ID }}'
104104
workload_identity_provider: '${{ vars.WIF_PROVIDER_NAME }}'
105105

106-
- uses: 'google-github-actions/setup-gcloud@v2'
106+
- uses: 'google-github-actions/setup-gcloud@6189d56e4096ee891640bb02ac264be376592d6a' # v2.1.2
107107
with:
108108
version: '>= 363.0.0'
109109

@@ -128,13 +128,13 @@ jobs:
128128

129129
steps:
130130
- name: Harden Runner
131-
uses: step-security/harden-runner@v2
131+
uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
132132
with:
133133
egress-policy: audit
134134

135-
- uses: 'actions/checkout@v4'
135+
- uses: 'actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683' # v4.2.2
136136

137-
- uses: 'actions/setup-node@v4'
137+
- uses: 'actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e' # v4.3.0
138138
with:
139139
node-version: '20.x'
140140

@@ -148,6 +148,6 @@ jobs:
148148
workload_identity_provider: '${{ vars.WIF_PROVIDER_NAME }}'
149149
service_account: '${{ vars.SERVICE_ACCOUNT_EMAIL }}'
150150

151-
- uses: 'google-github-actions/setup-gcloud@v2'
151+
- uses: 'google-github-actions/setup-gcloud@6189d56e4096ee891640bb02ac264be376592d6a' # v2.1.2
152152
with:
153153
version: '>= 363.0.0'

0 commit comments

Comments
 (0)