Use pinned by hash versions for github actions (#419)

Signed-off-by: Bogdan Drutu <[email protected]>
Co-authored-by: Bogdan Drutu <[email protected]>

Author: bogdandrutu

.github/workflows/fossa.yml

@@ -12,7 +12,8 @@ jobs:
   fossa:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - name: Checkout Repo
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - uses: fossas/fossa-action@3ebcea1862c6ffbd5cf1b4d0bd6b3fe7bd6f2cac # v1.7.0
         with:

.github/workflows/markdown.yml

@@ -17,8 +17,8 @@ jobs:
   markdownlint:
     runs-on: ubuntu-latest
     steps:
-    - name: check out code
-      uses: actions/checkout@v4
+    - name: Checkout Repo
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
     - name: install markdownlint
       run: sudo npm install -g markdownlint-cli

.github/workflows/ossf-scorecard.yml

@@ -19,7 +19,8 @@ jobs:
       # Needed for GitHub OIDC token if publish_results is true
       id-token: write
     steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - name: Checkout Repo
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           persist-credentials: false
 

.github/workflows/protobuf-dockerimage.yml

@@ -20,11 +20,14 @@ jobs:
         TARGETARCH: [amd64]
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
+    - name: Checkout Repo
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
     - name: Build the Docker image
       run: docker build protobuf/. -t build-protobuf
       env:
         TARGETARCH: ${{ matrix.TARGETARCH }}
+
     - name: Push the Docker image
       if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/')
       run: |

.github/workflows/schema_tools.yml

@@ -16,14 +16,15 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
+    - name: Checkout Repo
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
     - name: Build the Docker image
       run: docker build schemas/. -t build-tool-schemas
 
     - name: Login to GitHub Package Registry
       if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/')
-      uses: docker/login-action@v3
+      uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
       with:
         username: ${{ secrets.DOCKER_USERNAME }}
         password: ${{ secrets.DOCKER_PASSWORD }}