pinterest · paul-dingemans · Oct 8, 2023 · Sep 4, 2023 · Goooler · Oct 5, 2023
diff --git a/.github/workflows/generate-changelog.yml b/.github/workflows/generate-changelog.yml
@@ -7,7 +7,7 @@ jobs:
     runs-on: ubuntu-latest
     if: github.repository == 'pinterest/ktlint'
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
         with:
           fetch-depth: 0 # fetch all commits/branches/tags
 

diff --git a/.github/workflows/gradle-wrapper-validation.yml b/.github/workflows/gradle-wrapper-validation.yml
@@ -7,5 +7,5 @@ jobs:
     name: "Validation"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
       - uses: gradle/wrapper-validation-action@v1
diff --git a/.github/workflows/publish-release-build.yml b/.github/workflows/publish-release-build.yml
@@ -11,7 +11,7 @@ jobs:
     if: github.repository == 'pinterest/ktlint'
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
         with:
           ref: 'master'
 

diff --git a/.github/workflows/publish-release-docs.yml b/.github/workflows/publish-release-docs.yml
@@ -10,7 +10,7 @@ jobs:
     runs-on: ubuntu-latest
     if: github.repository == 'pinterest/ktlint'
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
         with:
           fetch-depth: 0 # fetch all commits/branches
       - uses: actions/setup-python@v4

diff --git a/.github/workflows/publish-snapshot-build.yml b/.github/workflows/publish-snapshot-build.yml
@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     if: github.repository == 'pinterest/ktlint'
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
 
       - uses: ./.github/actions/setup-gradle-build
 

diff --git a/.github/workflows/publish-snapshot-docs.yml b/.github/workflows/publish-snapshot-docs.yml
@@ -10,7 +10,7 @@ jobs:
     runs-on: ubuntu-latest
     if: github.repository == 'pinterest/ktlint'
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
         with:
           fetch-depth: 0 # fetch all commits/branches
       - uses: actions/setup-python@v4

diff --git a/.github/workflows/pull-request-with-code.yml b/.github/workflows/pull-request-with-code.yml
@@ -36,7 +36,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     name: "[build] OS=${{ matrix.os }} Kotlin=stable"
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
 
       - uses: ./.github/actions/setup-gradle-build
 
@@ -71,7 +71,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     name: "[build] OS=${{ matrix.os }}, Kotlin=dev"
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
 
       - uses: ./.github/actions/setup-gradle-build
 
@@ -87,7 +87,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     name: "[tests] OS=${{ matrix.os }}, Java=${{ matrix.jdk }}"
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
 
       - uses: ./.github/actions/setup-gradle-build
         with: