diff --git a/.github/workflows/contracts-testing.yml b/.github/workflows/contracts-testing.yml index 3b5dd04c0..6a6618e37 100644 --- a/.github/workflows/contracts-testing.yml +++ b/.github/workflows/contracts-testing.yml @@ -24,7 +24,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@v2.10.1 + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 with: disable-sudo: true egress-policy: block @@ -40,14 +40,14 @@ jobs: 54.185.253.63:443 - name: Setup Node.js environment - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: 18.x - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Cache node modules - uses: actions/cache@v4 + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 env: cache-name: cache-node-modules with: @@ -78,7 +78,7 @@ jobs: working-directory: contracts - name: Upload a build artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: code-coverage-report path: contracts/coverage diff --git a/services/bots/base/Dockerfile b/services/bots/base/Dockerfile index 3e1492d08..691bda01b 100644 --- a/services/bots/base/Dockerfile +++ b/services/bots/base/Dockerfile @@ -1,4 +1,4 @@ -FROM node:20-alpine +FROM node:20-alpine@sha256:426f843809ae05f324883afceebaa2b9cab9cb697097dbb1a2a7a41c5701de72 WORKDIR /usr/src/app