From d5f1297459e43a72e8da5c8e88c5c3a71864923d Mon Sep 17 00:00:00 2001 From: Rubens Farias Date: Tue, 28 Feb 2023 14:04:44 -0500 Subject: [PATCH] Pin Token Exchange Workflow Version (#106) This reduces our security risk --- .github/workflows/release.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 997541b..222a9ab 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -25,7 +25,7 @@ jobs: steps: - name: Generate token id: generate_token - uses: tibdex/github-app-token@v1 + uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92 with: app_id: ${{env.APP_ID}} private_key: ${{ secrets.TOKEN_EXCHANGE_GH_APP_PRIVATE_KEY }} @@ -59,7 +59,7 @@ jobs: steps: - name: Generate token id: generate_token - uses: tibdex/github-app-token@v1 + uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92 with: app_id: ${{env.APP_ID}} private_key: ${{ secrets.TOKEN_EXCHANGE_GH_APP_PRIVATE_KEY }} @@ -88,7 +88,7 @@ jobs: steps: - name: Generate token id: generate_token - uses: tibdex/github-app-token@v1 + uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92 with: app_id: ${{env.APP_ID}} private_key: ${{ secrets.TOKEN_EXCHANGE_GH_APP_PRIVATE_KEY }}