From 571f305db57135f7d9c63980a1ab68b548778f0b Mon Sep 17 00:00:00 2001 From: JL Mitra Date: Tue, 7 Apr 2026 13:56:46 -0700 Subject: [PATCH] chore: SECENG-7706 [security] Pin versions of GitHub Actions to full commit hash - quotation fix This PR pins versions of GitHub Actions to full commit hash via [automated scripts](https://github.com/amplitude/tools/tree/master/seceng/github_actions/pin-gha). This PR fixes an error with the previous script not correctly parsing lines in "" quotations. In general, this PR doesn't change the behavior of the workflows, so you can merge this safely. This pull request was created by [multi-gitter](https://github.com/lindell/multi-gitter). Please merge this pull request by 4/10/2026. For any questions, please ask in the Slack channel #help-security.
---
 .github/workflows/publish-to-pypi.yml | 2 +-
 .github/workflows/publish-to-test-pypi.yml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/publish-to-pypi.yml b/.github/workflows/publish-to-pypi.yml
index 992b3ca..a8d5658 100644
--- a/.github/workflows/publish-to-pypi.yml
+++ b/.github/workflows/publish-to-pypi.yml
@@ -14,7 +14,7 @@ jobs:
 runs-on: ubuntu-latest
 steps:
 - name: ${{ github.actor }} permission check to do a release
- uses: "lannonbr/repo-permission-check-action@2.0.2"
+ uses: "lannonbr/repo-permission-check-action@2bb8c89ba8bf115c4bfab344d6a6f442b24c9a1f" # 2.0.2
 with:
 permission: "write"
 env:
diff --git a/.github/workflows/publish-to-test-pypi.yml b/.github/workflows/publish-to-test-pypi.yml
index d7419eb..c87ceb0 100644
--- a/.github/workflows/publish-to-test-pypi.yml
+++ b/.github/workflows/publish-to-test-pypi.yml
@@ -14,7 +14,7 @@ jobs:
 runs-on: ubuntu-latest
 steps:
 - name: ${{ github.actor }} permission check to do a release
- uses: "lannonbr/repo-permission-check-action@2.0.2"
+ uses: "lannonbr/repo-permission-check-action@2bb8c89ba8bf115c4bfab344d6a6f442b24c9a1f" # 2.0.2
 with:
 permission: "write"
 env:
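Review bot: Nothing on this page shows that `2bb8c89ba8bf115c4bfab344d6a6f442b24c9a1f` is the commit the upstream `2.0.2` tag points to; the trailing `# 2.0.2` on the new `uses:` line is only a comment and is not checked by the runner. Because the pin was produced by a script (and this PR exists because an earlier run mis-parsed quoted values), it is worth confirming once with `git ls-remote --tags https://github.com/lannonbr/repo-permission-check-action 2.0.2` and checking that the commit sits in that repository's own history rather than being reachable only through a fork. The identical line in the `publish-to-test-pypi.yml` hunk needs the same check. A SHA pin also stops picking up upstream fixes, so keep the comment in the `# <tag>` form that update tooling reads, if such tooling is configured for this repository (not visible here). The step continues past `env:` outside the hunk, so what is passed to this gate on the release path cannot be reviewed from here.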