From 8d39da4ce20b933b5e8ac93fdf1b0d709d11b9c7 Mon Sep 17 00:00:00 2001 From: StepSecurity Bot Date: Wed, 21 Aug 2024 09:58:21 -0700 Subject: [PATCH] [StepSecurity] ci: Harden GitHub Actions (#61) Signed-off-by: StepSecurity Bot --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index eb721f3..b9df329 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -167,7 +167,7 @@ jobs: git tag -a ${{ needs.check-release.outputs.version }} -m "Release ${{ needs.check-release.outputs.version }}" git push origin ${{ needs.check-release.outputs.version }} - name: Create GitHub release - uses: softprops/action-gh-release@v2 + uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v2.0.8 with: files: | ${{ github.workspace }}/artifacts/*.nupkg