From 44ba69757c7f25283c9f75174426f437816cb4db Mon Sep 17 00:00:00 2001
From: Jean-Christophe Fillion-Robin
Date: Wed, 15 Mar 2023 17:04:43 -0400
Subject: [PATCH] COMP: Pin GitHub actions to full length commit SHA

GitHub's security hardening guide recommends this mitigation method.
https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions
---
 .github/workflows/clang-format-linter.yml | 2 +-
 .github/workflows/wasm.yml | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/clang-format-linter.yml b/.github/workflows/clang-format-linter.yml
index c59dd58..e7ef7bc 100644
--- a/.github/workflows/clang-format-linter.yml
+++ b/.github/workflows/clang-format-linter.yml
@@ -7,6 +7,6 @@ jobs:
 runs-on: ubuntu-latest
 steps:
- - uses: actions/checkout@v1
+ - uses: actions/checkout@50fbc622fc4ef5163becd7fab6573eac35f8462e # v1.2.0
 - uses: InsightSoftwareConsortium/ITKClangFormatLinterAction@master
diff --git a/.github/workflows/wasm.yml b/.github/workflows/wasm.yml
index a9f4b9c..b1356f8 100644
--- a/.github/workflows/wasm.yml
+++ b/.github/workflows/wasm.yml
@@ -8,9 +8,9 @@ jobs:
 runs-on: ubuntu-22.04
 steps:
- - uses: actions/checkout@v3
+ - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
- - uses: actions/setup-node@v3
+ - uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
 with:
 node-version: '18'
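Review bot: The context line `- uses: InsightSoftwareConsortium/ITKClangFormatLinterAction@master` in `.github/workflows/clang-format-linter.yml` still tracks a mutable branch, so this job keeps running whatever the branch head is even after `actions/checkout` is pinned. The action appears to live in the project's own organization, which may be why it was left as is, but a branch ref moves with every push to that repository. Consider pinning it the same way, `- uses: InsightSoftwareConsortium/ITKClangFormatLinterAction@<full-commit-sha> # master`, where `<full-commit-sha>` is a placeholder for the commit that was reviewed. The step list may continue outside the hunk.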
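Review bot: The trailing comments `# v3.4.0` and `# v3.6.0` in `.github/workflows/wasm.yml` (and `# v1.2.0` in the clang-format-linter hunk) are the only link between each SHA and a release, and nothing in the workflow checks them. Before merging, confirm that each SHA is the commit the named tag points to in the upstream `actions/checkout` or `actions/setup-node` repository itself, since GitHub can also resolve a commit that exists only in a fork of that repository. Pinned SHAs no longer pick up upstream fixes, so I would pair this change with an automated updater such as a Dependabot `github-actions` entry to keep the SHAs and their version comments current. The `steps:` list may continue past the hunk, so any later `uses:` lines are not covered here.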