Signal-Server

History

Blake Irvin 12e11609a9 pin 3rd-party Actions dep by full SHA This change follows GitHub's security-hardening guidance. By pinning to a full SHA, we reduce our exposure to supply-chain attacks where a malicious party could compromise the 3rd-party Actions repo, commit malicious code, and then mutate an existing git tag to redirect to a SHA containing the malicious commit. See https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#using-third-party-actions for more.	2021-09-10 14:22:11 -05:00
..
test.yml	pin 3rd-party Actions dep by full SHA	2021-09-10 14:22:11 -05:00

Blake Irvin 12e11609a9 pin 3rd-party Actions dep by full SHA

This change follows GitHub's security-hardening guidance. By pinning to a full SHA, we reduce our exposure to supply-chain attacks where a malicious party could compromise the 3rd-party Actions repo, commit malicious code, and then mutate an existing git tag to redirect to a SHA containing the malicious commit.

See https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#using-third-party-actions for more.

2021-09-10 14:22:11 -05:00

test.yml

pin 3rd-party Actions dep by full SHA

2021-09-10 14:22:11 -05:00