From 12621193f472bfb1823652e4e6b7f19445aa2a7c Mon Sep 17 00:00:00 2001
From: Moritz Kern <92092328+Moritz-Alexander-Kern@users.noreply.github.com>
Date: Thu, 25 May 2023 14:59:41 +0200
Subject: [PATCH] Enhance security of actions (#69)

* tag the wei/git-sync github action to specific tag
---
 .github/workflows/ebrains.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/ebrains.yml b/.github/workflows/ebrains.yml
index 0e4886f..d707249 100644
--- a/.github/workflows/ebrains.yml
+++ b/.github/workflows/ebrains.yml
@@ -14,7 +14,7 @@ jobs:
       # this task will push the master branch of the source_repo (github) to the
       # destination_repo (ebrains gitlab)
       - name: syncmaster
-        uses: wei/git-sync@v3
+        uses: wei/git-sync@55c6b63b4f21607da0e9877ca9b4d11a29fc6d83 # corresponds to v3
         # component owners need to set their own variables
         # the destination_repo format is
         # https://gitlab_service_account_name:${{ secrets.EBRAINS_GITLAB_ACCESS_TOKEN }}@gitlab.ebrains.eu/name_of_mirror.git
@@ -25,7 +25,7 @@ jobs:
           destination_branch: "master"
       # this task will push all tags from the source_repo to the destination_repo
       - name: synctags
-        uses: wei/git-sync@v3
+        uses: wei/git-sync@55c6b63b4f21607da0e9877ca9b4d11a29fc6d83 # corresponds to v3
         with:
           source_repo: "INM-6/viziphant"
           source_branch: "refs/tags/*"