Pin dependencies

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
actions/checkout	action	pinDigest	-> 11bd719
actions/setup-node	action	pinDigest	-> 49933ea

---

Configuration

📅 Schedule: Branch creation - "* * * * 2-4" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

_{reported by reviewdog 🐶}
[semgrep] An action sourced from a third-party repository on GitHub is not pinned to a full length commit SHA or is missing the semver reference comment

You can use pinact - https://github.com/suzuki-shunsuke/pinact - to pin them

👍

uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1

👎

uses: actions/cache@v3
uses: actions/[email protected]

GHA Policies


Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/brave-third-party-action-not-pinned-to-commit-sha.yaml


Cc @thypon @kdenhartog

[github-actions]

_{reported by reviewdog 🐶}
[semgrep] An action sourced from a third-party repository on GitHub is not pinned to a full length commit SHA or is missing the semver reference comment

You can use pinact - https://github.com/suzuki-shunsuke/pinact - to pin them

👍

uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1

👎

uses: actions/cache@v3
uses: actions/[email protected]

GHA Policies


Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/brave-third-party-action-not-pinned-to-commit-sha.yaml


Cc @thypon @kdenhartog