From e44a47d186a176ac6ca4644b75f7fd9dbfd306b7 Mon Sep 17 00:00:00 2001
From: Evgeny Vereshchagin <evvers@ya.ru>
Date: Sat, 13 Nov 2021 21:22:09 +0000
Subject: [PATCH] ci: pin the codeql action to SHAs

It's a follow-up to https://github.com/systemd/systemd/pull/21316.

Judging by https://github.com/evverx/systemd/pull/36, Dependabot
supports their release cycle
---
 .github/workflows/codeql-analysis.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index ffba2d7e65..4918f0cd62 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -29,14 +29,14 @@ jobs:
       uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
 
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
+      uses: github/codeql-action/init@5581e08a65fc3811c3ac78939dd59e7a8adbf003
       with:
         languages: ${{ matrix.language }}
 
     - run: sudo -E .github/workflows/unit_tests.sh SETUP
 
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
+      uses: github/codeql-action/autobuild@5581e08a65fc3811c3ac78939dd59e7a8adbf003
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      uses: github/codeql-action/analyze@5581e08a65fc3811c3ac78939dd59e7a8adbf003
-- 
2.25.1