From 1f278999b6498bbe8516f5b7e3024c5d52d8b207 Mon Sep 17 00:00:00 2001 From: Andrea Frittoli Date: Tue, 24 Sep 2024 16:38:33 +0100 Subject: [PATCH] Pin setup-go action The the setup go action in the CodeQL CI job for security. Signed-off-by: Andrea Frittoli --- .github/workflows/codeql-analysis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index f37f9a9e525..1f6dac32dfa 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -56,7 +56,7 @@ jobs: - name: Checkout repository uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Setup go - uses: actions/setup-go@v5 + uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5 with: go-version: '1.22.x'