Pin Third Party Actions to Commit

anthony-symphony · anthony-symphony · commit 2267c3fafe07 · 2023-09-11T09:19:14.000-04:00
diff --git a/.github/workflows/cve-scanning-python.yml b/.github/workflows/cve-scanning-python.yml
@@ -21,7 +21,7 @@ jobs:
       - uses: actions/setup-python@v4
         with:
           python-version: "3.10"
-      - uses: abatilo/actions-poetry@v2
+      - uses: abatilo/actions-poetry@192395c0d10c082a7c62294ab5d9a9de40e48974
         with:
           poetry-version: "1.2.2"
       - name: Install safety
diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml
@@ -10,7 +10,7 @@ jobs:
     steps:
       - uses: actions/checkout@master
       - name: Run Snyk to check for vulnerabilities
-        uses: snyk/actions/python@master
+        uses: snyk/actions/python@b98d498629f1c368650224d6d212bf7dfa89e4bf
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
         with:
diff --git a/.github/workflows/pylint.yaml b/.github/workflows/pylint.yaml
@@ -36,7 +36,7 @@ jobs:
         run: pip install pylint
 
       - name: Download previous run results
-        uses: dawidd6/action-download-artifact@v2.12.0
+        uses: dawidd6/action-download-artifact@8c96194455d424a24437ec57817e0aa1a1d72adb
         continue-on-error: true
         with:
           workflow: pylint.yaml
