@@ -51,14 +51,14 @@ jobs:
5151 harbor-${HARBOR_TAG}
5252
5353name : Upload Generated CycloneDX SBOM
54- uses : actions/upload-artifact@v4 # v4
54+ uses : actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4
5555 with :
5656 name : generated-harbor-sbom-cyclonedx
5757 path : " /tmp/generated-harbor-sbom.cdx.json"
5858 if-no-files-found : error
5959
6060 - name : Upload Generated SPDX SBOM
61- uses : actions/upload-artifact@v4 # v4
61+ uses : actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4
6262 with :
6363 name : generated-harbor-sbom-spdx
6464 path : " /tmp/generated-harbor-sbom.spdx.json"
@@ -72,10 +72,10 @@ jobs:
7272 needs : Generate
7373 steps :
7474
75- - uses : actions/checkout@v4 # v4
75+ - uses : actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
7676
7777 - name : Download all workflow run artifacts
78- uses : actions/download-artifact@v4 # v4
78+ uses : actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
7979
8080 - name : Augment Stage - List Downloaded Artifacts
8181 run : ls -lha
@@ -125,13 +125,13 @@ jobs:
125125 augmented_harbor-sbom.cdx.json > /tmp/augmented_harbor-sbom.cdx.json
126126
127127 - name : Upload Augmented SPDX SBOM
128- uses : actions/upload-artifact@v4 # v4
128+ uses : actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4
129129 with :
130130 name : augmented-harbor-sbom-spdx
131131 path : " /tmp/augmented_harbor-sbom.spdx.json"
132132
133133 - name : Upload Augmented CycloneDX SBOM
134- uses : actions/upload-artifact@v4 # v4
134+ uses : actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4
135135 with :
136136 name : augmented-harbor-sbom-cyclonedx
137137 path : " /tmp/augmented_harbor-sbom.cdx.json"
@@ -141,15 +141,15 @@ jobs:
141141 needs : Augment
142142 steps :
143143
144- - uses : actions/checkout@v4 # v4
144+ - uses : actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
145145 - name : Enrich Download all workflow run artifacts
146- uses : actions/download-artifact@v4 # v4
146+ uses : actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
147147
148148 - name : Enrich Stage - List Downloaded Artifacts
149149 run : ls -lha
150150
151151 - name : Enrich Stage - Download all workflow run artifacts
152- uses : actions/download-artifact@v4 # v4
152+ uses : actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
153153
154154 - name : Install parlay
155155 run : |
@@ -167,13 +167,13 @@ jobs:
167167 augmented-harbor-sbom-spdx/augmented_harbor-sbom.spdx.json > /tmp/enriched_harbor-sbom.spdx.json
168168
169169name : Upload Enriched SPDX SBOM
170- uses : actions/upload-artifact@v4 # v4
170+ uses : actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4
171171 with :
172172 name : enriched-harbor-sbom-spdx
173173 path : " /tmp/enriched_harbor-sbom.spdx.json"
174174
175175 - name : Upload Enriched CycloneDX SBOM
176- uses : actions/upload-artifact@v4 # v4
176+ uses : actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4
177177 with :
178178 name : enriched-harbor-sbom-cyclonedx
179179 path : " /tmp/enriched_harbor-sbom.cdx.json"
@@ -184,13 +184,13 @@ jobs:
184184 cp /tmp/enriched_harbor-sbom.cdx.json /tmp/final_harbor-sbom.cdx.json
185185
186186name : Upload Final SPDX SBOM
187- uses : actions/upload-artifact@v4 # v4
187+ uses : actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4
188188 with :
189189 name : final-harbor-sbom-spdx
190190 path : " /tmp/final_harbor-sbom.spdx.json"
191191
192192 - name : Upload Final CycloneDX SBOM
193- uses : actions/upload-artifact@v4 # v4
193+ uses : actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4
194194 with :
195195 name : final-harbor-sbom-cyclonedx
196196 path : " /tmp/final_harbor-sbom.cdx.json"
0 commit comments