commit b78def2581238cb1c2d6294e568a552f36ce7cbb
author Marius Brehler <marius.brehler@amd.com> Fri Sep 06 18:53:11 2024 +0200
committer GitHub <noreply@github.com> Fri Sep 06 18:53:11 2024 +0200
tree 6af8dc1ef2361e3e4c59d66ff58686fdd1530d2e
parent 84d07895f05a2381d2615a5c830c707415097a39

Update and pin dependencies (#18454)

Pins (and updates some) dependencies as suggested by OpenSSF Scorecard,
see
https://github.com/ossf/scorecard/blob/main/docs/checks.md#pinned-dependencies.

.github/workflows/pkgci_test_amd_w7900.yml

diff --git a/.github/workflows/pkgci_test_amd_w7900.yml b/.github/workflows/pkgci_test_amd_w7900.yml
index a2cb109..d73617e 100644
--- a/.github/workflows/pkgci_test_amd_w7900.yml
+++ b/.github/workflows/pkgci_test_amd_w7900.yml
@@ -31,16 +31,16 @@
       IREE_HIP_TEST_TARGET_CHIP: "gfx1100"
     steps:
       - name: Check out repository
-        uses: actions/checkout@v4.1.7
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
         with:
           submodules: false
       - name: Check out runtime submodules
         run: ./build_tools/scripts/git/update_runtime_submodules.sh
-      - uses: actions/setup-python@v5.1.0
+      - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.1.0
         with:
           # Must match the subset of versions built in pkgci_build_packages.
           python-version: "3.11"
-      - uses: actions/download-artifact@v4.1.7
+      - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
         with:
           name: linux_x86_64_release_packages
           path: ${{ env.PACKAGE_DOWNLOAD_DIR }}