From 9f68fcc602b2831df320ed73166ca8ee53567cff Mon Sep 17 00:00:00 2001
From: caojiamingalan <alan.c.19971111@gmail.com>
Date: Mon, 26 Jun 2023 18:03:19 -0500
Subject: [PATCH] fix action tag comment pattern to be consistent

Signed-off-by: caojiamingalan <alan.c.19971111@gmail.com>
---
 .github/workflows/robustness-template-arm64.yaml | 2 +-
 .github/workflows/robustness-template.yaml       | 2 +-
 .github/workflows/scorecards.yml                 | 8 ++++----
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/robustness-template-arm64.yaml b/.github/workflows/robustness-template-arm64.yaml
index 7b3438e6993..2fbb82d8e9d 100644
--- a/.github/workflows/robustness-template-arm64.yaml
+++ b/.github/workflows/robustness-template-arm64.yaml
@@ -65,7 +65,7 @@ jobs:
               exit 1
               ;;
           esac
-      - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce
+      - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
         if: always()
         with:
           name: ${{ inputs.artifactName }}
diff --git a/.github/workflows/robustness-template.yaml b/.github/workflows/robustness-template.yaml
index e48d57205ff..78de5b78bbd 100644
--- a/.github/workflows/robustness-template.yaml
+++ b/.github/workflows/robustness-template.yaml
@@ -58,7 +58,7 @@ jobs:
               exit 1
               ;;
           esac
-      - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce
+      - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
         if: always()
         with:
           name: ${{ inputs.artifactName }}
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index c56e4c975a3..0d3f7550a0d 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -23,12 +23,12 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # tag=v3.0.0
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
         with:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@80e868c13c90f172d68d1f4501dee99e2479f7af # tag=v2.1.3
+        uses: ossf/scorecard-action@80e868c13c90f172d68d1f4501dee99e2479f7af # v2.1.3
         with:
           results_file: results.sarif
           results_format: sarif
@@ -42,7 +42,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # tag=v3.0.0
+        uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
         with:
           name: SARIF file
           path: results.sarif
@@ -50,6 +50,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@6c089f53dd51dc3fc7e599c3cb5356453a52ca9e # tag=v1.0.26
+        uses: github/codeql-action/upload-sarif@6c089f53dd51dc3fc7e599c3cb5356453a52ca9e # v2.20.0
         with:
           sarif_file: results.sarif