actions pinning

ChrisMcKee · ChrisMcKee · commit 349962f27f0c · 2026-02-17T15:05:37.000Z
diff --git a/.github/workflows/ci-build-pr.yml b/.github/workflows/ci-build-pr.yml
@@ -58,13 +58,6 @@ jobs:
       id: test
       run: dotnet run --configuration Release --coverage --coverage-output-format cobertura --report-github --project tests/UnitTests/BCrypt.Net.UnitTests.csproj
 
-    - name: 'Create test summary'
-      uses: test-summary/action@31493c76ec9e7aa675f1585d3ed6f1da69269a86 # v2.4
-      with:
-        paths: tests/UnitTests/**/TestResults.xml
-        show: "fail, skip"
-      if: always()
-
     - name: 'Generate Coverage Reports'
       uses: danielpalme/ReportGenerator-GitHub-Action@c4c5175a441c6603ec614f5084386dabe0e2295b # v5.4.12
       with:
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -67,7 +67,8 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@d3678e237b9c32a6c9bffb3315c335f976f3549f # v3.30.2
+      uses: github/codeql-action/init@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3
+
       with:
         languages: ${{ matrix.language }}
         config-file: ./.github/codeql/codeql-config.yml
@@ -78,4 +79,5 @@ jobs:
     - run: dotnet build --configuration CodeQL /p:UseSharedCompilation=false /t:rebuild
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@d3678e237b9c32a6c9bffb3315c335f976f3549f ## v3.30.2
+      uses: github/codeql-action/analyze@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3
+
diff --git a/.github/workflows/devskim.yml b/.github/workflows/devskim.yml
@@ -17,12 +17,16 @@ jobs:
   dependency-review:
     runs-on: ubuntu-24.04
     steps:
-    - name: Harden Runner
-      uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
+    - name: 'Harden Runner'
+      uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
       with:
         egress-policy: audit
-    - uses: actions/checkout@v4
-    - uses: microsoft/DevSkim-Action@v1
-    - uses: github/codeql-action/upload-sarif@v3
+
+    - name: 'Checkout'
+      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+      with:
+        fetch-depth: 0 # avoid shallow clone so nbgv can do its work.
+    - uses: microsoft/DevSkim-Action@4b5047945a44163b94642a1cecc0d93a3f428cc6 #v1.0.16
+    - uses: github/codeql-action/upload-sarif@9e907b5e64f6b83e7804b09294d44122997950d6  #v4.32.3
       with:
         sarif_file: devskim-results.sarif
