From d273c6f7b52d38bba945f3f214eac55614c1e610 Mon Sep 17 00:00:00 2001
From: Harsh Shandilya <me@msfjarvis.dev>
Date: Fri, 24 Mar 2023 14:26:23 +0530
Subject: [PATCH] fix(ci): use exact versions

---
 .github/workflows/baseline-profile.yml | 2 +-
 .github/workflows/codeql_analysis.yml  | 8 ++++----
 .github/workflows/qodana_scan.yml      | 2 +-
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/baseline-profile.yml b/.github/workflows/baseline-profile.yml
index 620f070d..e648a512 100644
--- a/.github/workflows/baseline-profile.yml
+++ b/.github/workflows/baseline-profile.yml
@@ -70,7 +70,7 @@ jobs:
     # to actually run the test once the emulator has booted.
     - name: Create AVD snapshot for caching
       if: steps.avd-cache.outputs.cache-hit != 'true'
-      uses: reactivecircus/android-emulator-runner@d94c3fbe4fe6a29e4a5ba47c12fb47677c73656b # v2
+      uses: reactivecircus/android-emulator-runner@d94c3fbe4fe6a29e4a5ba47c12fb47677c73656b # v2.28.0
       with:
         api-level: ${{ env.AVD_API_LEVEL }}
         arch: ${{ env.AVD_ARCH }}
diff --git a/.github/workflows/codeql_analysis.yml b/.github/workflows/codeql_analysis.yml
index b8c5671f..172800d8 100644
--- a/.github/workflows/codeql_analysis.yml
+++ b/.github/workflows/codeql_analysis.yml
@@ -13,14 +13,14 @@ jobs:
       security-events: write
     steps:
     - name: Checkout repository
-      uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3
+      uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@67a35a08586135a9573f4327e904ecbf517a882d # v2
+      uses: github/codeql-action/init@67a35a08586135a9573f4327e904ecbf517a882d # v2.2.8
       with:
         languages: java
     - name: Autobuild
-      uses: github/codeql-action/autobuild@67a35a08586135a9573f4327e904ecbf517a882d # v2
+      uses: github/codeql-action/autobuild@67a35a08586135a9573f4327e904ecbf517a882d # v2.2.8
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@67a35a08586135a9573f4327e904ecbf517a882d # v2
+      uses: github/codeql-action/analyze@67a35a08586135a9573f4327e904ecbf517a882d # v2.2.8
       with:
         category: "/language:java"
diff --git a/.github/workflows/qodana_scan.yml b/.github/workflows/qodana_scan.yml
index 5969d393..2ac19c38 100644
--- a/.github/workflows/qodana_scan.yml
+++ b/.github/workflows/qodana_scan.yml
@@ -7,7 +7,7 @@ jobs:
   qodana:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3
+      - uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
         with:
           fetch-depth: 0
       - name: 'Qodana Scan'