Skip to content

Commit 56d9a44

Browse files
committed
[SEC-7924] chore: pin third-party GitHub Actions to commit SHAs
Pin all third-party GitHub Actions to full-length commit SHAs to prevent supply chain attacks. Addresses findings from the third-party-action-not-pinned-to-commit-sha Semgrep rule.
1 parent 1ad9225 commit 56d9a44

1 file changed

Lines changed: 1 addition & 1 deletion

File tree

.github/actions/install-boost/action.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,7 @@ runs:
2222
steps:
2323
- name: Install boost using action
2424
if: runner.os == 'Linux'
25-
uses: MarkusJx/install-boost@v2.4.4
25+
uses: MarkusJx/install-boost@3039450bb3dd2e8630d1cf10ec39cb1da3054bbd # v2.4.4
2626
id: boost-action
2727
with:
2828
boost_version: 1.81.0

0 commit comments

Comments
 (0)