From a059a3fb558b78153a519babfaac85abb84df045 Mon Sep 17 00:00:00 2001 From: Sushmitha-MN Date: Fri, 13 Feb 2026 13:30:50 +0530 Subject: [PATCH 1/2] PIN SHA Commits --- .github/workflows/asn1_unittest.yml | 2 +- .github/workflows/cla.yml | 2 +- .github/workflows/codeql.yml | 6 +++--- .github/workflows/common_unittest.yml | 4 ++-- .github/workflows/crypto_interface_unittest.yml | 2 +- .github/workflows/crypto_interop_test.yml | 2 +- .github/workflows/crypto_unittest.yml | 2 +- .github/workflows/est_unittest.yml | 2 +- .github/workflows/nanocert_scep_integration_test.yml | 2 +- .github/workflows/nanomqtt_functional_test.yml | 4 ++-- .github/workflows/nanomqtt_integration_test.yml | 2 +- .github/workflows/nanomqtt_unit_test.yml | 4 ++-- .github/workflows/nanossh_integration_test.yml | 2 +- .github/workflows/nanossh_sanity_test.yml | 4 ++-- .github/workflows/nanossh_unit_test.yml | 2 +- .github/workflows/nanossl_integration_test.yml | 2 +- .github/workflows/pkcs11_softhsm2_build.yml | 4 ++-- .github/workflows/pre-commit.yml | 6 +++--- .github/workflows/scep_unittest.yml | 2 +- .github/workflows/smp_nanoroot_unittest.yml | 4 ++-- .github/workflows/unittest_asn1.yml | 2 +- .github/workflows/unittest_asn1_extended.yml | 4 ++-- .github/workflows/unittest_cryptointerface_extended.yml | 4 ++-- .github/workflows/unittest_nanocrypto_extended.yml | 2 +- 24 files changed, 36 insertions(+), 36 deletions(-) diff --git a/.github/workflows/asn1_unittest.yml b/.github/workflows/asn1_unittest.yml index af35529..eb4d64f 100644 --- a/.github/workflows/asn1_unittest.yml +++ b/.github/workflows/asn1_unittest.yml @@ -16,7 +16,7 @@ jobs: runs-on: [ubuntu-22.04] steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 with: path: trustcore-test diff --git a/.github/workflows/cla.yml b/.github/workflows/cla.yml index 49f0dd5..c5d97a7 100644 --- a/.github/workflows/cla.yml +++ b/.github/workflows/cla.yml @@ -18,7 +18,7 @@ jobs: steps: - name: "CLA Assistant" if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target' - uses: contributor-assistant/github-action@v2.6.1 + uses: contributor-assistant/github-action@ca4a40a7d1004f18d9960b404b97e5f30a505a08 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # the below token should have repo scope and must be manually added by you in the repository's secret diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index b7bf2ff..f5e9724 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -40,7 +40,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 - name: Install SoftHSM2 (for PKCS11 build) if: matrix.feature == 'ENABLE_PKCS11_SOFTHSM' @@ -57,7 +57,7 @@ jobs: find projects -type d -name build -exec rm -rf {} + - name: Initialize CodeQL - uses: github/codeql-action/init@v4 + uses: github/codeql-action/init@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 with: languages: ${{ matrix.language }} queries: security-extended,security-and-quality @@ -83,6 +83,6 @@ jobs: cmake --build build - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v4 + uses: github/codeql-action/analyze@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 with: category: "/language:${{matrix.language}}/${{matrix.feature}}" diff --git a/.github/workflows/common_unittest.yml b/.github/workflows/common_unittest.yml index 270dc2f..db260d7 100644 --- a/.github/workflows/common_unittest.yml +++ b/.github/workflows/common_unittest.yml @@ -15,7 +15,7 @@ jobs: runs-on: [ubuntu-22.04] steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 with: path: trustcore-test @@ -46,4 +46,4 @@ jobs: - name: Print Coverage Summary run: | echo "Coverage Summary:" - lcov --list /tmp/common_total.info + lcov --list /tmp/common_total.info diff --git a/.github/workflows/crypto_interface_unittest.yml b/.github/workflows/crypto_interface_unittest.yml index 73f7ff1..270752b 100644 --- a/.github/workflows/crypto_interface_unittest.yml +++ b/.github/workflows/crypto_interface_unittest.yml @@ -19,7 +19,7 @@ jobs: runs-on: [ubuntu-22.04] steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 with: path: trustcore-test diff --git a/.github/workflows/crypto_interop_test.yml b/.github/workflows/crypto_interop_test.yml index 1700e9e..2fd9e8a 100644 --- a/.github/workflows/crypto_interop_test.yml +++ b/.github/workflows/crypto_interop_test.yml @@ -19,7 +19,7 @@ jobs: runs-on: [ubuntu-22.04] steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 with: path: trustcore-test diff --git a/.github/workflows/crypto_unittest.yml b/.github/workflows/crypto_unittest.yml index 5cc7c8a..b7fc10d 100644 --- a/.github/workflows/crypto_unittest.yml +++ b/.github/workflows/crypto_unittest.yml @@ -17,7 +17,7 @@ jobs: runs-on: [ubuntu-22.04] steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 with: path: trustcore-test diff --git a/.github/workflows/est_unittest.yml b/.github/workflows/est_unittest.yml index ebebbc4..06fb75c 100644 --- a/.github/workflows/est_unittest.yml +++ b/.github/workflows/est_unittest.yml @@ -25,7 +25,7 @@ jobs: runs-on: [ubuntu-22.04] steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 with: path: trustcore-test diff --git a/.github/workflows/nanocert_scep_integration_test.yml b/.github/workflows/nanocert_scep_integration_test.yml index 8828e3a..287a6fd 100644 --- a/.github/workflows/nanocert_scep_integration_test.yml +++ b/.github/workflows/nanocert_scep_integration_test.yml @@ -50,7 +50,7 @@ jobs: cd .. - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 - name: Copy SCEP Test Files run: | diff --git a/.github/workflows/nanomqtt_functional_test.yml b/.github/workflows/nanomqtt_functional_test.yml index 7a7e748..4b808c8 100644 --- a/.github/workflows/nanomqtt_functional_test.yml +++ b/.github/workflows/nanomqtt_functional_test.yml @@ -31,7 +31,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 - name: Install Dependencies run: | @@ -96,4 +96,4 @@ jobs: echo "================================================" - name: Show Job Status - run: echo "🍏 This job's status is ${{ job.status }}." \ No newline at end of file + run: echo "🍏 This job's status is ${{ job.status }}." diff --git a/.github/workflows/nanomqtt_integration_test.yml b/.github/workflows/nanomqtt_integration_test.yml index df9969f..f6f22d4 100644 --- a/.github/workflows/nanomqtt_integration_test.yml +++ b/.github/workflows/nanomqtt_integration_test.yml @@ -11,7 +11,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 - name: Install Dependencies run: | diff --git a/.github/workflows/nanomqtt_unit_test.yml b/.github/workflows/nanomqtt_unit_test.yml index f56cb27..facee74 100644 --- a/.github/workflows/nanomqtt_unit_test.yml +++ b/.github/workflows/nanomqtt_unit_test.yml @@ -19,7 +19,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 - name: Install Dependencies run: | @@ -86,4 +86,4 @@ jobs: lcov --list /tmp/mqtt_filtered.info - name: Show Job Status - run: echo "🍏 This job's status is ${{ job.status }}." \ No newline at end of file + run: echo "🍏 This job's status is ${{ job.status }}." diff --git a/.github/workflows/nanossh_integration_test.yml b/.github/workflows/nanossh_integration_test.yml index aa33702..31221fb 100644 --- a/.github/workflows/nanossh_integration_test.yml +++ b/.github/workflows/nanossh_integration_test.yml @@ -11,7 +11,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 - name: Install Dependencies run: | diff --git a/.github/workflows/nanossh_sanity_test.yml b/.github/workflows/nanossh_sanity_test.yml index b681634..0fc26a4 100644 --- a/.github/workflows/nanossh_sanity_test.yml +++ b/.github/workflows/nanossh_sanity_test.yml @@ -21,7 +21,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 - name: Install Dependencies run: | @@ -30,4 +30,4 @@ jobs: - name: Run Sanity Tests run: | - ./scripts/sanity_tests.sh \ No newline at end of file + ./scripts/sanity_tests.sh diff --git a/.github/workflows/nanossh_unit_test.yml b/.github/workflows/nanossh_unit_test.yml index edd63c2..dee4675 100644 --- a/.github/workflows/nanossh_unit_test.yml +++ b/.github/workflows/nanossh_unit_test.yml @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 - name: Install Dependencies run: | diff --git a/.github/workflows/nanossl_integration_test.yml b/.github/workflows/nanossl_integration_test.yml index b59f5b9..d702aa7 100644 --- a/.github/workflows/nanossl_integration_test.yml +++ b/.github/workflows/nanossl_integration_test.yml @@ -84,7 +84,7 @@ jobs: cd .. - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 - name: Copy SSL Test Files run: | diff --git a/.github/workflows/pkcs11_softhsm2_build.yml b/.github/workflows/pkcs11_softhsm2_build.yml index b277cc2..5d67bb6 100644 --- a/.github/workflows/pkcs11_softhsm2_build.yml +++ b/.github/workflows/pkcs11_softhsm2_build.yml @@ -15,7 +15,7 @@ jobs: runs-on: [ubuntu-22.04] steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 with: path: trustcore-test @@ -44,4 +44,4 @@ jobs: -DENABLE_TAP=ON \ -DSECURE_PATH="$(pwd)" \ -B build -S . && \ - cmake --build build \ No newline at end of file + cmake --build build diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index df3a967..65bc0f1 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -14,12 +14,12 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 with: fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@v6 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 with: python-version: '3.13' @@ -44,4 +44,4 @@ jobs: done else echo "No files changed" - fi + fi diff --git a/.github/workflows/scep_unittest.yml b/.github/workflows/scep_unittest.yml index db240aa..d4bee50 100644 --- a/.github/workflows/scep_unittest.yml +++ b/.github/workflows/scep_unittest.yml @@ -23,7 +23,7 @@ jobs: runs-on: [ubuntu-22.04] steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 with: path: trustcore-test diff --git a/.github/workflows/smp_nanoroot_unittest.yml b/.github/workflows/smp_nanoroot_unittest.yml index b8a63da..f86537e 100644 --- a/.github/workflows/smp_nanoroot_unittest.yml +++ b/.github/workflows/smp_nanoroot_unittest.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 with: path: mss @@ -331,7 +331,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 with: path: mss diff --git a/.github/workflows/unittest_asn1.yml b/.github/workflows/unittest_asn1.yml index e3f886d..55e2cda 100644 --- a/.github/workflows/unittest_asn1.yml +++ b/.github/workflows/unittest_asn1.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Checkout current repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 - name: Install Dependencies run: | diff --git a/.github/workflows/unittest_asn1_extended.yml b/.github/workflows/unittest_asn1_extended.yml index 0c0c989..86e3873 100644 --- a/.github/workflows/unittest_asn1_extended.yml +++ b/.github/workflows/unittest_asn1_extended.yml @@ -13,7 +13,7 @@ jobs: steps: - name: Checkout current repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 - name: Install Dependencies run: | @@ -28,7 +28,7 @@ jobs: # Clone & prepare mocn-qa-m-products # ------------------------------------------------------------------ - name: Checkout mocn-qa-m-products - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 with: repository: digicert/mocn-qa-m-products token: ${{ secrets.MY_SECRET_TOKEN }} diff --git a/.github/workflows/unittest_cryptointerface_extended.yml b/.github/workflows/unittest_cryptointerface_extended.yml index 092875f..9ae436f 100644 --- a/.github/workflows/unittest_cryptointerface_extended.yml +++ b/.github/workflows/unittest_cryptointerface_extended.yml @@ -13,7 +13,7 @@ jobs: steps: - name: Checkout current repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 - name: Install Dependencies run: | @@ -28,7 +28,7 @@ jobs: # Clone & prepare mocn-qa-m-products # ------------------------------------------------------------------ - name: Checkout mocn-qa-m-products - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 with: repository: digicert/mocn-qa-m-products token: ${{ secrets.MY_SECRET_TOKEN }} diff --git a/.github/workflows/unittest_nanocrypto_extended.yml b/.github/workflows/unittest_nanocrypto_extended.yml index 66b6820..8a9f0d2 100644 --- a/.github/workflows/unittest_nanocrypto_extended.yml +++ b/.github/workflows/unittest_nanocrypto_extended.yml @@ -13,7 +13,7 @@ jobs: steps: - name: Checkout current repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 - name: Install Dependencies run: | From 60f6c0a3152cf36e46299ac1ff94141269d830e7 Mon Sep 17 00:00:00 2001 From: Sushmitha-MN Date: Fri, 13 Feb 2026 13:34:18 +0530 Subject: [PATCH 2/2] Correction --- .github/workflows/common_unittest.yml | 2 +- .github/workflows/pre-commit.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/common_unittest.yml b/.github/workflows/common_unittest.yml index db260d7..1da518e 100644 --- a/.github/workflows/common_unittest.yml +++ b/.github/workflows/common_unittest.yml @@ -46,4 +46,4 @@ jobs: - name: Print Coverage Summary run: | echo "Coverage Summary:" - lcov --list /tmp/common_total.info + lcov --list /tmp/common_total.info diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index 65bc0f1..3c2396c 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -44,4 +44,4 @@ jobs: done else echo "No files changed" - fi + fi