Skip to content

Commit 606edf8

Browse files
committed
ci: tighten security of checkout action
1 parent 67446a4 commit 606edf8

File tree

1 file changed

+12
-4
lines changed

1 file changed

+12
-4
lines changed

.github/workflows/build.yml

Lines changed: 12 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,9 @@ jobs:
2020
name: 🔨 Build distribution
2121
runs-on: ubuntu-latest
2222
steps:
23-
- uses: actions/checkout@v4
23+
- uses: actions/checkout@v6
24+
with:
25+
persist-credentials: false
2426
- name: 🏗 Set up Python ${{ env.DEFAULT_PYTHON }}
2527
uses: actions/setup-python@v5
2628
with:
@@ -34,7 +36,9 @@ jobs:
3436
name: 🧹 Pre-commit
3537
runs-on: ubuntu-latest
3638
steps:
37-
- uses: actions/checkout@v4
39+
- uses: actions/checkout@v6
40+
with:
41+
persist-credentials: false
3842
- name: 🏗 Set up Python ${{ env.DEFAULT_PYTHON }}
3943
uses: actions/setup-python@v5
4044
with:
@@ -54,7 +58,9 @@ jobs:
5458
python: ["3.9", "3.10", "3.11", "3.12", "3.13"]
5559
runs-on: ubuntu-latest
5660
steps:
57-
- uses: actions/checkout@v4
61+
- uses: actions/checkout@v6
62+
with:
63+
persist-credentials: false
5864
- name: 🏗 Set up Python ${{ matrix.python }}
5965
uses: actions/setup-python@v4
6066
with:
@@ -100,7 +106,9 @@ jobs:
100106
python: ["3.9", "3.10", "3.11", "3.12", "3.13"]
101107
runs-on: ubuntu-latest
102108
steps:
103-
- uses: actions/checkout@v4
109+
- uses: actions/checkout@v6
110+
with:
111+
persist-credentials: false
104112
- name: 🏗 Set up Python ${{ matrix.python }}
105113
uses: actions/setup-python@v5
106114
with:

0 commit comments

Comments
 (0)