Skip to content

VLN-1618: remediate checkout-below-v7#2145

Open
picatz wants to merge 1 commit into
mainfrom
camper/checkout-below-v7-2c57c212
Open

VLN-1618: remediate checkout-below-v7#2145
picatz wants to merge 1 commit into
mainfrom
camper/checkout-below-v7-2c57c212

Conversation

@picatz

@picatz picatz commented Jun 26, 2026

Copy link
Copy Markdown
Contributor

🏕️ This pull request was created by camper, an automated security campaign tool.

Finding

Rulecheckout-below-v7
SeverityMEDIUM
Repositorytemporalio/sdk-typescript
TicketVLN-1618

Summary

  • .github/workflows/ci.yml: Pinned both actions/checkout steps to the required v7.0.0 commit SHA.
  • .github/workflows/conventions.yml: Pinned the actions/checkout step to the required v7.0.0 commit SHA.
  • .github/workflows/docs.yml: Pinned the actions/checkout step to the required v7.0.0 commit SHA.
  • .github/workflows/release.yml: Pinned all three actions/checkout steps to the required v7.0.0 commit SHA.
  • .github/workflows/stress.yml: Pinned the actions/checkout step to the required v7.0.0 commit SHA.

Instructions

  • Approve to merge this fix
  • Request changes to trigger a new remediation attempt
  • /camper rebase — rebase onto the base branch
  • /camper close — close this PR without merging
  • /camper retry — regenerate the fix from scratch against the current base

@picatz picatz requested a review from a team as a code owner June 26, 2026 22:17
@Sushisource Sushisource enabled auto-merge (squash) June 26, 2026 22:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Sushisource Sushisource Sushisource approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@picatz @Sushisource