This is an automated email from the ASF dual-hosted git repository. acosentino pushed a commit to branch pin-actions-validate in repository https://gitbox.apache.org/repos/asf/camel-kamelets.git
commit 686d71140f67d146247a7865f7416eebca9f59eb Author: Andrea Cosentino <[email protected]> AuthorDate: Tue Aug 20 14:31:49 2024 +0200 Github Actions Security Best practices: Pin Actions to Full lenght Commit SHA - Validate action --- .github/workflows/validate.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/validate.yaml b/.github/workflows/validate.yaml index f03f8650..a9d5382a 100644 --- a/.github/workflows/validate.yaml +++ b/.github/workflows/validate.yaml @@ -40,14 +40,17 @@ concurrency: group: ${{ github.ref }}-${{ github.workflow }} cancel-in-progress: true +permissions: + contents: read + jobs: validate: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version: 1.20.x - name: Run Validator
