From 93709816395a67e6ba8a99dfeb5debe890314e82 Mon Sep 17 00:00:00 2001
From: Harshita Sao <84518563+harshitasao@users.noreply.github.com>
Date: Sun, 18 Aug 2024 20:06:07 +0530
Subject: [PATCH] fix: fixed the pinned dependencies issue (#6602)
Signed-off-by: harshitasao
---
 .github/workflows/chart.yml | 2 +-
 .github/workflows/commit-lint.yml | 2 +-
 .github/workflows/license.yml | 2 +-
 .github/workflows/trivy-scan.yml | 4 ++--
 4 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/.github/workflows/chart.yml b/.github/workflows/chart.yml
index 89b34f2e0..47ffd575d 100644
--- a/.github/workflows/chart.yml
+++ b/.github/workflows/chart.yml
@@ -47,7 +47,7 @@ jobs:
 chart_smever=${chart_version#"v"}
 sed -i "s/0.1.0/$chart_smever/g" $HELM_CHART/Chart.yaml
- - uses: jnwng/github-app-installation-token-action@v2
+ - uses: jnwng/github-app-installation-token-action@c54add4c02866dc41e106745ac6dcf5cdd6339e5 # v2
 id: get_app_token
 with:
 appId: 340472
diff --git a/.github/workflows/commit-lint.yml b/.github/workflows/commit-lint.yml
index 7ef9dc1da..1b233cbb4 100644
--- a/.github/workflows/commit-lint.yml
+++ b/.github/workflows/commit-lint.yml
@@ -15,7 +15,7 @@ jobs:
 check:
 runs-on: ubuntu-22.04
 steps:
- - uses: thehanimo/pr-title-checker@v1.4.1
+ - uses: thehanimo/pr-title-checker@5652588c80c479af803eabfbdb5a3895a77c1388 # v1.4.1
 with:
 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 pass_on_octokit_error: true
diff --git a/.github/workflows/license.yml b/.github/workflows/license.yml
index d472cdece..faf91b0a5 100644
--- a/.github/workflows/license.yml
+++ b/.github/workflows/license.yml
@@ -19,7 +19,7 @@ jobs:
 steps:
 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608
 - name: Set up Ruby
- uses: ruby/setup-ruby@v1
+ uses: ruby/setup-ruby@a6e6f86333f0a2523ece813039b8b4be04560854 # v1.190.0
 with:
 ruby-version: 2.6
 - name: Install dependencies
diff --git a/.github/workflows/trivy-scan.yml b/.github/workflows/trivy-scan.yml
index 664847af5..a22fb4816 100644
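Review bot: In the chart.yml hunk the trailing comment `# v2` names a moving major tag, so nothing on the line records which release the pinned commit corresponds to; the commit-lint.yml and license.yml pins carry an exact tag (`# v1.4.1`, `# v1.190.0`) and this one should too, e.g. `# <exact release tag>`. This step appears to obtain a GitHub App installation token (`appId: 340472`; its `with:` block continues outside the hunk), so it is the pin most worth verifying. For every pin in this patch, confirm before merging that the SHA is reachable from the named tag in the upstream repository, because GitHub can resolve a commit that exists only in a fork under the parent repository's name.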
--- a/.github/workflows/trivy-scan.yml
+++ b/.github/workflows/trivy-scan.yml
@@ -20,14 +20,14 @@ jobs:
 docker build --build-arg GOPROXY=https://proxy.golang.org -t docker.io/oamdev/vela-core:${{ github.sha }} .
 - name: Run Trivy vulnerability scanner for vela core
- uses: aquasecurity/trivy-action@master
+ uses: aquasecurity/trivy-action@d9cd5b1c23aaf8cb31bb09141028215828364bbb # master
 with:
 image-ref: 'docker.io/oamdev/vela-core:${{ github.sha }}'
 format: 'sarif'
 output: 'trivy-results.sarif'
 - name: Upload Trivy scan results to GitHub Security tab
- uses: github/codeql-action/upload-sarif@v2
+ uses: github/codeql-action/upload-sarif@366883a76d75dcee5428da5c3ae7abf9386e35ac # v2.26.2
 if: always()
 with:
 sarif_file: 'trivy-results.sarif'
\ No newline at end of file
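Review bot: The trivy-action pin is annotated `# master`, so the SHA is a snapshot of a branch head rather than a released version; the line gives no way to tell how old it is, and version-aware update tooling has no tag to compare against. Prefer the commit of a tagged trivy-action release with that tag in the comment, `uses: aquasecurity/trivy-action@<release commit sha> # <release tag>`. The upload-sarif pin stays on the v2 line (`# v2.26.2`); it is worth checking whether a newer major of codeql-action should be used instead. The file also still ends without a trailing newline, which could be fixed in the same change.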