Skip to content

Commit 9f0bce6

Browse files
Fixed iac issues (#661)
Co-authored-by: tamarleviCm <[email protected]>
1 parent 2fcc9da commit 9f0bce6

File tree

5 files changed

+8
-6
lines changed

5 files changed

+8
-6
lines changed

.github/workflows/ast-scan.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ jobs:
99
- name: Checkout
1010
uses: actions/checkout@v4
1111
- name: Checkmarx AST CLI Action
12-
uses: checkmarx/ast-github-action@main
12+
uses: checkmarx/ast-github-action@831a8d51a8a0535c0399f9c12728d8d3cc22d850 #main (currently 2.0.28)
1313
with:
1414
base_uri: ${{ secrets.BASE_URI }}
1515
cx_tenant: ${{ secrets.TENANT }}

.github/workflows/delete-packages-and-releases.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,7 @@ jobs:
4141
4242
- name: Delete releases and tags
4343
continue-on-error: true
44-
uses: dev-drprasad/[email protected]
44+
uses: dev-drprasad/delete-older-releases@dfbe6be2a006e9475dfcbe5b8d201f1824c2a9fe #v0.3.4
4545
env:
4646
GITHUB_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
4747
with:

.github/workflows/dependabot-auto-merge.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@ jobs:
1111
steps:
1212
- name: Dependabot metadata
1313
id: metadata
14-
uses: dependabot/[email protected]
14+
uses: dependabot/fetch-metadata@5e5f99653a5b510e8555840e80cbf1514ad4af38 #v2.1.0
1515
with:
1616
github-token: "${{ secrets.PERSONAL_ACCESS_TOKEN }}"
1717
- name: Enable auto-merge for Dependabot PRs
@@ -20,6 +20,6 @@ jobs:
2020
GITHUB_TOKEN: ${{secrets.PERSONAL_ACCESS_TOKEN }}
2121
run: gh pr merge --auto --merge "$PR_URL"
2222
- name: Auto approve dependabot PRs
23-
uses: hmarr/auto-approve-action@v4
23+
uses: hmarr/auto-approve-action@f0939ea97e9205ef24d872e76833fa908a770363 #v4
2424
with:
2525
github-token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}

.github/workflows/release.yml

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -92,11 +92,13 @@ jobs:
9292
npm ci
9393
npm run build
9494
95+
9596
# PUSH TAGS IF IT IS A RELEASE
9697
- name: Push tag if release
9798
if: inputs.dev == false
9899
run: git push && git push --tags
99100

101+
100102
# PUBLISH NPM PACKAGE
101103
- name: Publish npm package
102104
run: |
@@ -110,7 +112,7 @@ jobs:
110112

111113
# CREATE RELEASE
112114
- name: Create Release
113-
uses: softprops/action-gh-release@v2
115+
uses: softprops/action-gh-release@a6c7483a42ee9d5daced968f6c217562cd680f7f #v2
114116
with:
115117
name: ${{env.TAG_NAME}}
116118
tag_name: ${{env.TAG_NAME}}

.github/workflows/update-cli.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ jobs:
2929
./.github/scripts/update_cli.sh ${{ steps.checkmarx-ast-cli.outputs.release_tag }}
3030
- name: Create Pull Request
3131
if: steps.checkmarx-ast-cli.outputs.current_tag != steps.checkmarx-ast-cli.outputs.release_tag
32-
uses: peter-evans/create-pull-request@v6
32+
uses: peter-evans/create-pull-request@b1ddad2c994a25fbc81a28b3ec0e368bb2021c50 #v6
3333
with:
3434
token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
3535
commit-message: Update checkmarx-ast-cli to ${{ steps.checkmarx-ast-cli.outputs.release_tag }}

0 commit comments

Comments
 (0)