diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 81c91c29839f18483164d73f3457903c60c8b2bf..41ecfeebb8dc46ced036f3fb385ed5da5448706e 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -35,7 +35,7 @@ jobs:
language: [ 'go' ]
steps:
- name: Checkout repository
- uses: actions/checkout@v2
+ uses: actions/checkout@v2.3.4
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index ec1a8bdaaac7650d9309824f69cb91071dfc543d..9b4e8c1cd0e2927952483accbbf6d78b79276cad 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -26,7 +26,7 @@ jobs:
runs-on: ubuntu-20.04
steps:
- - uses: actions/checkout@v2
+ - uses: actions/checkout@v2.3.4
- name: Extract version of Go to use
run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | sed -r 's/^.*://g'| uniq)" >> $GITHUB_ENV
- uses: actions/setup-go@v2
@@ -50,7 +50,7 @@ jobs:
steps:
- name: download minisign
run: sudo add-apt-repository ppa:dysfunctionalprogramming/minisign && sudo apt-get update && sudo apt-get install minisign
- - uses: actions/checkout@v2
+ - uses: actions/checkout@v2.3.4
- name: Docker Build
run: docker-compose build
- uses: actions/setup-go@v2
diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml
index c31426442a6c28c69652aa5de3a310d983ca66d8..35c9413870dcacf9badbec6b36d5181489a013cd 100644
--- a/.github/workflows/verify.yml
+++ b/.github/workflows/verify.yml
@@ -22,7 +22,7 @@ jobs:
name: license boilerplate check
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@v2
+ - uses: actions/checkout@v2.3.4
- uses: actions/setup-go@v2
with:
go-version: '1.16'
@@ -38,7 +38,7 @@ jobs:
name: lint
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@v2
+ - uses: actions/checkout@v2.3.4
- name: deps
run: sudo apt-get update && sudo apt-get install -yq libpcsclite-dev
- name: golangci-lint