Code scanning (#1033)

* testing for fix branch * First few changes for the code review * more hash values added
greenbone · Aug 8, 2024 · 0828286 · 0828286
1 parent f785f66
commit 0828286
Show file tree

Hide file tree

Showing 7 changed files with 19 additions and 19 deletions.
diff --git a/.github/workflows/ci-python.yml b/.github/workflows/ci-python.yml
@@ -21,9 +21,9 @@ jobs:
           - "3.11"
           - "3.12"
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
       - name: Install and check with black, pylint and pontos.version
-        uses: greenbone/actions/lint-python@v3
+        uses: greenbone/actions/lint-python@027c80b4a1e454af192f93aa55cb2bc58ce44b66 #v3.27.7
         with:
           packages: pontos tests
           python-version: ${{ matrix.python-version }}
@@ -40,9 +40,9 @@ jobs:
           - "3.11"
           - "3.12"
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
       - name: Install python, poetry and dependencies
-        uses: greenbone/actions/poetry@v3
+        uses: greenbone/actions/poetry@027c80b4a1e454af192f93aa55cb2bc58ce44b66 #v3.27.7
         with:
           python-version: ${{ matrix.python-version }}
       - name: Run unit tests
@@ -59,9 +59,9 @@ jobs:
           - "3.11"
           - "3.12"
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
       - name: Run mypy
-        uses: greenbone/actions/mypy-python@v3
+        uses: greenbone/actions/mypy-python@027c80b4a1e454af192f93aa55cb2bc58ce44b66 #v3.27.7
         with:
           python-version: ${{ matrix.python-version }}
 
@@ -71,9 +71,9 @@ jobs:
     needs: test
     runs-on: "ubuntu-latest"
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
       - name: Install and calculate and upload coverage to codecov.io
-        uses: greenbone/actions/coverage-python@v3
+        uses: greenbone/actions/coverage-python@027c80b4a1e454af192f93aa55cb2bc58ce44b66 #v3.27.7
         with:
           python-version: "3.10"
           token: ${{ secrets.CODECOV_TOKEN }}
@@ -82,9 +82,9 @@ jobs:
     name: Check versioning for consistency
     runs-on: "ubuntu-latest"
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
       - name: Install python, poetry and dependencies
-        uses: greenbone/actions/poetry@v3
+        uses: greenbone/actions/poetry@027c80b4a1e454af192f93aa55cb2bc58ce44b66 #v3.27.7
       - name: Check version
         run: |
           poetry run pontos-version verify current
diff --git a/.github/workflows/codeql-analysis-python.yml b/.github/workflows/codeql-analysis-python.yml
@@ -9,7 +9,7 @@
 # the `language` matrix defined below to confirm you have the correct set of
 # supported CodeQL languages.
 #
-name: "CodeQL"
+name: "CodeQL"<
 
 on:
   push:
@@ -41,12 +41,12 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+        uses: github/codeql-action/init@0e346f2c4a1b999b44f1ef93fe08bdb83dae63ab #v3
         with:
           languages: ${{ matrix.language }}
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
+        uses: github/codeql-action/analyze@0e346f2c4a1b999b44f1ef93fe08bdb83dae63ab #v3
diff --git a/.github/workflows/conventional-commits.yml b/.github/workflows/conventional-commits.yml
@@ -13,4 +13,4 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Report Conventional Commits
-        uses: greenbone/actions/conventional-commits@v3
+        uses: greenbone/actions/conventional-commits@027c80b4a1e454af192f93aa55cb2bc58ce44b66 #v3.27.7
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -9,4 +9,4 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: 'Dependency Review'
-        uses: greenbone/actions/dependency-review@v3
+        uses: greenbone/actions/dependency-review@027c80b4a1e454af192f93aa55cb2bc58ce44b66 #v3.27.7
diff --git a/.github/workflows/deploy-pypi.yml b/.github/workflows/deploy-pypi.yml
@@ -18,7 +18,7 @@ jobs:
     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
       - name: Set up Python
-        uses: greenbone/actions/poetry@v3
+        uses: greenbone/actions/poetry@027c80b4a1e454af192f93aa55cb2bc58ce44b66 #v3.27.7
         with:
           python-version: "3.10"
           install-dependencies: "false"

diff --git a/.github/workflows/github-pages.yml b/.github/workflows/github-pages.yml
@@ -29,7 +29,7 @@ jobs:
       - name: Checkout
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1
       - name: Install poetry and dependencies
-        uses: greenbone/actions/poetry@v3
+        uses: greenbone/actions/poetry@027c80b4a1e454af192f93aa55cb2bc58ce44b66 #v3.27.7
         with:
           python-version: "3.10"
       - name: Build Documentation

diff --git a/.github/workflows/sbom-upload.yml b/.github/workflows/sbom-upload.yml
@@ -15,4 +15,4 @@ jobs:
       contents: write
     steps:
       - name: 'SBOM upload'
-        uses: greenbone/actions/sbom-upload@v3
+        uses: greenbone/actions/sbom-upload@027c80b4a1e454af192f93aa55cb2bc58ce44b66 #v3.27.7