diff --git a/.github/workflows/openssf-scorecard.yml b/.github/workflows/openssf-scorecard.yml index edc12b7..42decfa 100644 --- a/.github/workflows/openssf-scorecard.yml +++ b/.github/workflows/openssf-scorecard.yml @@ -31,7 +31,7 @@ jobs: publish_results: true - name: Upload results to GitHub Security tab - uses: github/codeql-action/upload-sarif@5c8a8a642e79153f5d047b10ec1cba1d1cc65699 # v3 + uses: github/codeql-action/upload-sarif@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v3 with: sarif_file: scorecard-results.sarif category: scorecard diff --git a/.github/workflows/test-package.yml b/.github/workflows/test-package.yml index d2203dd..359adab 100644 --- a/.github/workflows/test-package.yml +++ b/.github/workflows/test-package.yml @@ -49,7 +49,7 @@ jobs: coverage xml -o ./coverage.xml - name: Upload coverage to Codecov - uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6 + uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6 with: token: ${{ secrets.CODECOV_TOKEN }} fail_ci_if_error: false diff --git a/.github/workflows/update-data.yml b/.github/workflows/update-data.yml index be37360..034ae2a 100644 --- a/.github/workflows/update-data.yml +++ b/.github/workflows/update-data.yml @@ -37,7 +37,7 @@ jobs: pre-commit run --files fontbro/data/unicode-blocks.json fontbro/data/unicode-scripts.json - name: Commit data - uses: test-room-7/action-update-file@be6fb6d9c59d5ec4b56542f2e8ad2516a99e3402 # v2 + uses: test-room-7/action-update-file@6b8249d09d5926fbae288c0bb640757f09ec7ce0 # v2 with: file-path: | fontbro/data/unicode-blocks.json