From 089fc08ed2ca99e2491280adaff12e6c082c63d6 Mon Sep 17 00:00:00 2001 From: Alejandro Alvarez Date: Fri, 6 Mar 2026 05:14:59 +0100 Subject: [PATCH] Pin build-logic workflow refs to commit SHA Replace @main with @3bc448f805496d87c284977b62cda22c5aad540d for supply chain protection. DAT-22394 Co-Authored-By: Claude Opus 4.6 --- .github/workflows/claude-code-review.yml | 2 +- .github/workflows/claude.yml | 2 +- .github/workflows/fossa.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/claude-code-review.yml b/.github/workflows/claude-code-review.yml index a1cd773db0..bfff5231f0 100644 --- a/.github/workflows/claude-code-review.yml +++ b/.github/workflows/claude-code-review.yml @@ -15,5 +15,5 @@ permissions: jobs: claude-review: - uses: liquibase/build-logic/.github/workflows/claude-code-review.yml@main + uses: liquibase/build-logic/.github/workflows/claude-code-review.yml@3bc448f805496d87c284977b62cda22c5aad540d # main secrets: inherit diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml index 024c6ceffa..6c9eefe96a 100644 --- a/.github/workflows/claude.yml +++ b/.github/workflows/claude.yml @@ -26,5 +26,5 @@ jobs: (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) || (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) || (github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude'))) - uses: liquibase/build-logic/.github/workflows/claude.yml@main + uses: liquibase/build-logic/.github/workflows/claude.yml@3bc448f805496d87c284977b62cda22c5aad540d # main secrets: inherit diff --git a/.github/workflows/fossa.yml b/.github/workflows/fossa.yml index 85bfb2a28f..4724017eb4 100644 --- a/.github/workflows/fossa.yml +++ b/.github/workflows/fossa.yml @@ -12,7 +12,7 @@ on: jobs: fossa-scan: - uses: liquibase/build-logic/.github/workflows/generate-upload-enterprise-3p-fossa-report.yml@main + uses: liquibase/build-logic/.github/workflows/generate-upload-enterprise-3p-fossa-report.yml@3bc448f805496d87c284977b62cda22c5aad540d # main secrets: inherit with: version_number_for_3p_fossa_report_generation: "${{ github.event.inputs.version_number_for_3p_fossa_report_generation }}"