Skip to content

Commit 39ed372

Browse files
stainless-app[bot]stainless-app[bot]
committed
ci: pin GitHub Actions to commit SHAs
Pin all GitHub Actions referenced in generated workflows (both first-party `actions/*` and third-party) to immutable commit SHAs. Updating pinned actions is now a deliberate codegen-side bump rather than implicit on every workflow run.
1 parent cea79d5 commit 39ed372

1 file changed

Lines changed: 6 additions & 6 deletions

File tree

.github/workflows/ci.yml

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -26,14 +26,14 @@ jobs:
2626
github.repository == 'stainless-sdks/stagehand-go' &&
2727
(github.event_name == 'push' || github.event.pull_request.head.repo.fork) && (github.event_name != 'push' || github.event.head_commit.message != 'codegen metadata')
2828
steps:
29-
- uses: actions/checkout@v6
29+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
3030

3131
- name: Get GitHub OIDC Token
3232
if: |-
3333
github.repository == 'stainless-sdks/stagehand-go' &&
3434
!startsWith(github.ref, 'refs/heads/stl/')
3535
id: github-oidc
36-
uses: actions/github-script@v8
36+
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
3737
with:
3838
script: core.setOutput('github_token', await core.getIDToken());
3939

@@ -53,10 +53,10 @@ jobs:
5353
if: github.event_name == 'push' || github.event.pull_request.head.repo.fork
5454

5555
steps:
56-
- uses: actions/checkout@v6
56+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
5757

5858
- name: Setup go
59-
uses: actions/setup-go@v5
59+
uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5.6.0
6060
with:
6161
go-version-file: ./go.mod
6262

@@ -68,10 +68,10 @@ jobs:
6868
runs-on: ${{ github.repository == 'stainless-sdks/stagehand-go' && 'depot-ubuntu-24.04' || 'ubuntu-latest' }}
6969
if: github.event_name == 'push' || github.event.pull_request.head.repo.fork
7070
steps:
71-
- uses: actions/checkout@v6
71+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
7272

7373
- name: Setup go
74-
uses: actions/setup-go@v5
74+
uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5.6.0
7575
with:
7676
go-version-file: ./go.mod
7777

0 commit comments

Comments
 (0)