chore(security): Update and pin Graddle workflow actions by evansims · Pull Request #182 · auth0/jwks-rsa-java

evansims · 2023-07-17T18:10:56Z

This PR pins the gradle/wrapper-validation-action third-party action to a full-length commit SHA — that of release 1.0.6.

Pinning an action to a full-length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository. https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions

This PR also updates the official actions/checkout action to use the newer v3 release.

…klow-action

chore(security): Update and pin Graddle workflow actions

c4b4798

evansims requested a review from a team as a code owner July 17, 2023 18:10

evansims enabled auto-merge July 17, 2023 18:13

Merge branch 'master' into chore-security/update-and-pin-graddle-worf…

4712606

…klow-action

jimmyjames approved these changes Jul 28, 2023

View reviewed changes

jimmyjames disabled auto-merge July 28, 2023 01:38

jimmyjames merged commit 3fbbea4 into master Jul 28, 2023

jimmyjames deleted the chore-security/update-and-pin-graddle-worfklow-action branch July 28, 2023 01:38

jimmyjames mentioned this pull request Jul 28, 2023

Release 0.22.1 #185

Merged

Provide feedback