Skip to content

VLN-1609: remediate checkout-below-v7#2933

Open
picatz wants to merge 2 commits into
masterfrom
camper/checkout-below-v7-4ff50bdc
Open

VLN-1609: remediate checkout-below-v7#2933
picatz wants to merge 2 commits into
masterfrom
camper/checkout-below-v7-4ff50bdc

Conversation

@picatz

@picatz picatz commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

🏕️ This pull request was created by camper, an automated security campaign tool.

Finding

Rulecheckout-below-v7
SeverityMEDIUM
Repositorytemporalio/sdk-java
TicketVLN-1609

Summary

  • .github/workflows/ci.yml: Pinned all actions/checkout steps to 9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0.
  • .github/workflows/prepare-release.yml: Pinned all actions/checkout steps to 9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0.
  • .github/workflows/build-native-image.yml: Pinned the actions/checkout step to 9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0.
  • .github/workflows/gradle-wrapper-validation.yml: Pinned the actions/checkout step to 9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0.
  • .github/workflows/coverage.yml: Pinned the actions/checkout step to 9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0.
  • .github/workflows/publish-snapshot.yml: Pinned the actions/checkout step to 9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0.

Instructions

  • Approve to merge this fix
  • Request changes to trigger a new remediation attempt
  • /camper rebase — rebase onto the base branch
  • /camper close — close this PR without merging
  • /camper retry — regenerate the fix from scratch against the current base

@picatz picatz requested a review from a team as a code owner June 29, 2026 14:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant