chore(ci): Dependabot, workflow security (#1257)

Co-authored-by: StepSecurity Bot <bot@stepsecurity.io> Co-authored-by: niStee <52573120+niStee@users.noreply.github.comclear> Co-authored-by: GideonBear <87426140+GideonBear@users.noreply.github.com>
2025-08-11 10:24:18 +02:00
parent 9048cd8f47
commit 91fc5e3902
28 changed files with 257 additions and 109 deletions
--- a/.github/workflows/check_semver.yml
+++ b/.github/workflows/check_semver.yml
@@ -4,12 +4,15 @@ on:

 name: Check SemVer compliance

+permissions:
+  contents: read
+
 jobs:
  prepare:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
-      - uses: actions-rs/toolchain@v1
+      - uses: actions/checkout@v4.2.2
+      - uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af # v1.0.7
        with:
          toolchain: nightly-2022-08-03
          override: true
@@ -18,7 +21,7 @@ jobs:
  semver:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions-rs/cargo@v1
+      - uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 # v1.0.3
        with:
          command: install
          args: --git https://github.com/rust-lang/rust-semverver