From f402cb561029c2c30a0ffbe7fac50f0105b73fe6 Mon Sep 17 00:00:00 2001
From: "stacklok-cloud-staging[bot]"
 <164156668+github-actions[bot]@users.noreply.github.com>
Date: Fri, 10 Jan 2025 08:29:15 +0000
Subject: [PATCH] Replace unpinned actions with pinned action

---
 .github/workflows/_security-checks.yaml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/_security-checks.yaml b/.github/workflows/_security-checks.yaml
index d84eeda..b6d9756 100644
--- a/.github/workflows/_security-checks.yaml
+++ b/.github/workflows/_security-checks.yaml
@@ -9,10 +9,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
 
       - name: Scan repo
-        uses: aquasecurity/trivy-action@0.29.0
+        uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # 0.29.0
         with:
           scan-type: 'fs'
           scan-ref: '.'
@@ -26,10 +26,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
 
       - name: Set up Node.js
-        uses: actions/setup-node@v4
+        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4
         with:
           node-version: '22'