Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

[StepSecurity] ci: Harden GitHub Actions #43

Merged
merged 1 commit into from
May 31, 2023
Merged

[StepSecurity] ci: Harden GitHub Actions #43

merged 1 commit into from
May 31, 2023

Conversation

step-security-bot
Copy link
Contributor

Summary

This pull request is created by Secure Repo at the request of @sagikazarmark. Please merge the Pull Request to incorporate the requested changes. Please tag @sagikazarmark on your message if you have any questions related to the PR. You can also engage with the StepSecurity team by tagging @step-security-bot.

Security Fixes

Pinned Dependencies

GitHub Action tags and Docker tags are mutatble. This poses a security risk. GitHub's Security Hardening guide recommends pinning actions to full length commit.

Feedback

For bug reports, feature requests, and general feedback; please create an issue in step-security/secure-repo. To create such PRs, please visit https://app.stepsecurity.io/securerepo.

Signed-off-by: StepSecurity Bot bot@stepsecurity.io

@step-security-bot
[StepSecurity] ci: Harden GitHub Actions
967e102 
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
@sagikazarmark sagikazarmark merged commit 1bbf929 into bank-vaults:main May 31, 2023
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@sagikazarmark sagikazarmark sagikazarmark approved these changes

@bonifaido bonifaido Awaiting requested review from bonifaido

@akijakya akijakya Awaiting requested review from akijakya

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@step-security-bot @sagikazarmark