Merge pull request #70 from apache/dependabot/github_actions/actions/checkout-4.1.1
Bump actions/checkout from 2.7.0 to 4.1.1
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 2ae3d40..ddb99cc 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -39,7 +39,7 @@
steps:
- name: Checkout repository
- uses: actions/checkout@v4
+ uses: actions/checkout@v4.1.1
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
diff --git a/.github/workflows/pull-request-build.yml b/.github/workflows/pull-request-build.yml
index a60b7fc..fa01159 100644
--- a/.github/workflows/pull-request-build.yml
+++ b/.github/workflows/pull-request-build.yml
@@ -30,7 +30,7 @@
pull-requests: read
timeout-minutes: 130
steps:
- - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0
+ - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Set up JDK 11
uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93 # v4.0.0
with:
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index f11fc26..4d39850 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -40,7 +40,7 @@
steps:
- name: "Checkout code"
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # tag=v3.0.0
+ uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # tag=v3.0.0
with:
persist-credentials: false