From d98ff3979c454b30e06c9028077eccd7b011ff87 Mon Sep 17 00:00:00 2001
From: "renovate-pagopa[bot]"
 <164534245+renovate-pagopa[bot]@users.noreply.github.com>
Date: Thu, 31 Oct 2024 05:41:16 +0000
Subject: [PATCH] Pin dependencies

---
 .github/actions/build-nextjs-website/action.yaml | 2 +-
 .github/actions/deploy/action.yaml               | 2 +-
 .github/workflows/move_latest_tag.yaml           | 2 +-
 apps/chatbot/docker/app.Dockerfile               | 2 +-
 apps/chatbot/docker/app.local.Dockerfile         | 2 +-
 apps/chatbot/docker/compose.yaml                 | 4 ++--
 apps/chatbot/load-test/docker-compose.yml        | 4 ++--
 7 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/.github/actions/build-nextjs-website/action.yaml b/.github/actions/build-nextjs-website/action.yaml
index 3f72e40e76..5d64618d28 100644
--- a/.github/actions/build-nextjs-website/action.yaml
+++ b/.github/actions/build-nextjs-website/action.yaml
@@ -54,7 +54,7 @@ runs:
   using: "composite"
   steps:
     - name: Download GitBook docs
-      uses: actions/checkout@v4
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
       with:
         repository: pagopa/devportal-docs
         ref: docs/from-gitbook
diff --git a/.github/actions/deploy/action.yaml b/.github/actions/deploy/action.yaml
index a8faf78170..efb45d916b 100644
--- a/.github/actions/deploy/action.yaml
+++ b/.github/actions/deploy/action.yaml
@@ -74,7 +74,7 @@ runs:
       run: npm run compile
 
     - name: Download GitBook docs
-      uses: actions/checkout@v4
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
       with:
         repository: pagopa/devportal-docs
         ref: docs/from-gitbook
diff --git a/.github/workflows/move_latest_tag.yaml b/.github/workflows/move_latest_tag.yaml
index 7bee4f6f88..bbd22e8f96 100644
--- a/.github/workflows/move_latest_tag.yaml
+++ b/.github/workflows/move_latest_tag.yaml
@@ -12,7 +12,7 @@ jobs:
     if: ${{ startsWith(github.ref, 'refs/tags/') && !endsWith(github.ref, '@latest') }}
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
       
     - name: Get commit hash associated with the new tag
       id: get-commit
diff --git a/apps/chatbot/docker/app.Dockerfile b/apps/chatbot/docker/app.Dockerfile
index 56bd38451b..83017b82a7 100644
--- a/apps/chatbot/docker/app.Dockerfile
+++ b/apps/chatbot/docker/app.Dockerfile
@@ -1,4 +1,4 @@
-FROM public.ecr.aws/lambda/python:3.12
+FROM public.ecr.aws/lambda/python:3.12@sha256:2951186769ff98c4f1acf3783d9432e40cb3b03c72aab239588b3544f647bb36
 ARG DEBIAN_FRONTEND=noninteractive
 
 ENV PYTHONPATH=$LAMBDA_TASK_ROOT
diff --git a/apps/chatbot/docker/app.local.Dockerfile b/apps/chatbot/docker/app.local.Dockerfile
index 532ebf0b73..9000b9ede7 100644
--- a/apps/chatbot/docker/app.local.Dockerfile
+++ b/apps/chatbot/docker/app.local.Dockerfile
@@ -1,4 +1,4 @@
-FROM python:3.12.4-slim-bullseye
+FROM python:3.12.4-slim-bullseye@sha256:26ce493641ad3b1c8a6202117c31340c7bbb2dc126f1aeee8ea3972730a81dc6
 ARG DEBIAN_FRONTEND=noninteractive
 
 RUN apt-get update && \
diff --git a/apps/chatbot/docker/compose.yaml b/apps/chatbot/docker/compose.yaml
index 349c715027..d71c5e036f 100644
--- a/apps/chatbot/docker/compose.yaml
+++ b/apps/chatbot/docker/compose.yaml
@@ -18,7 +18,7 @@ services:
       - ntw
   
   dynamodb:
-    image: amazon/dynamodb-local:2.5.2
+    image: amazon/dynamodb-local:2.5.2@sha256:d7ebddeb60fa418bcda218a6c6a402a58441b2a20d54c9cb1d85fd5194341753
     environment:
       - AWS_ACCESS_KEY_ID=dummy
       - AWS_SECRET_ACCESS_KEY=dummy
@@ -29,7 +29,7 @@ services:
       - ntw
   
   redis:
-    image: redis/redis-stack:7.2.0-v13
+    image: redis/redis-stack:7.2.0-v13@sha256:2b000b938e407d14acafa9b7affd4c5a94ceeec572b25b15dcef0d3a6c064d7e
     ports:
       - "6379:6379"
       - "8001:8001"
diff --git a/apps/chatbot/load-test/docker-compose.yml b/apps/chatbot/load-test/docker-compose.yml
index a5625277be..99cdff973a 100644
--- a/apps/chatbot/load-test/docker-compose.yml
+++ b/apps/chatbot/load-test/docker-compose.yml
@@ -1,6 +1,6 @@
 services:
   master:
-    image: locustio/locust:2.32.1
+    image: locustio/locust:2.32.1@sha256:d0bd7649b89fb2ee981e382d6e9ae2932d898110707943ecff0ef108569b6a5f
     ports:
       - "8089:8089"
     volumes:
@@ -12,7 +12,7 @@ services:
       - "host.docker.internal:host-gateway"
 
   worker:
-    image: locustio/locust:2.32.1
+    image: locustio/locust:2.32.1@sha256:d0bd7649b89fb2ee981e382d6e9ae2932d898110707943ecff0ef108569b6a5f
     volumes:
       - ./:/mnt/locust
     command: -f /mnt/locust/locustfile.py --worker --master-host master