From e6c2c5e321ed9123bda567646e2f96565e34abe1 Mon Sep 17 00:00:00 2001
From: Stefan Melmuk <509385+stefan0xC@users.noreply.github.com>
Date: Fri, 29 Aug 2025 07:24:37 +0200
Subject: [PATCH] pin actions/checkout and actions/cache (#22)

---
 action.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/action.yaml b/action.yaml
index df66977..4f91fbf 100644
--- a/action.yaml
+++ b/action.yaml
@@ -53,14 +53,14 @@ runs:
     - name: Restore Trivy binary from cache
       if: ${{ inputs.cache == 'true' && inputs.version != 'latest' }}
       id: cache
-      uses: actions/cache@v4
+      uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4.2.4
       with:
         path: ${{ steps.binary-dir.outputs.dir }}
         key: trivy-binary-${{ inputs.version }}-${{ runner.os }}-${{ runner.arch }}
 
     - name: Checkout install script
       if: steps.cache.outputs.cache-hit != 'true'
-      uses: actions/checkout@v4
+      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
       with:
         repository: aquasecurity/trivy
         sparse-checkout: |