sandy-sachin7 opened a new pull request, #23062: URL: https://github.com/apache/datafusion/pull/23062
## Which issue does this PR close? - Closes #23037 ## Rationale for this change The default branch already hardened `.github/workflows/dev.yml` against unpinned-uses (commit SHAs instead of mutable tags), but the `maint-16.x` release branch still uses mutable tags. This backports the same fix. ## What changes are included in this PR? Pin the following actions to their commit SHA (with the version tag as a comment): | Action | Previous | Pinned SHA | |--------|----------|------------| | `actions/checkout` (rat job) | `@v3` | `f43a0e5ff2bd294095638e18286ca9a3d1956744` | | `actions/setup-python` (rat job) | `@v4` | `0ae58361cdfd39e2950bed97a1e26aa20c3d8955` | | `actions/checkout` (prettier job) | `@v3` | `f43a0e5ff2bd294095638e18286ca9a3d1956744` | | `actions/setup-node` (prettier job) | `@v3` | `3235b876344d2a9aa001b8d1453c930bba69e610` | ## Are these changes tested? Checked with `actionlint` — no new lint or security findings introduced. The fix matches the pattern already applied on the default branch. ## Are there any user-facing changes? No — CI workflow only. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
