From 804567d2d3fcd4f52ccc1629d0254bb7fbaf1890 Mon Sep 17 00:00:00 2001
From: "renovate-pagopa[bot]"
 <164534245+renovate-pagopa[bot]@users.noreply.github.com>
Date: Wed, 11 Dec 2024 05:41:54 +0000
Subject: [PATCH] Pin dependencies

---
 .github/workflows/anchore.yml  | 6 +++---
 .github/workflows/pr-title.yml | 2 +-
 .github/workflows/release.yml  | 6 +++---
 Dockerfile                     | 2 +-
 4 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/anchore.yml b/.github/workflows/anchore.yml
index 09b6f37..87a7a6b 100644
--- a/.github/workflows/anchore.yml
+++ b/.github/workflows/anchore.yml
@@ -35,18 +35,18 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout the code
-      uses: actions/checkout@v3
+      uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
     - name: Build the Docker image
       run: docker build . --file ${{ env.DOCKERFILE }} --tag localbuild/testimage:latest
     - name: Run the Anchore scan action itself with GitHub Advanced Security code scanning integration enabled
-      uses: anchore/scan-action@v3
+      uses: anchore/scan-action@3343887d815d7b07465f6fdcd395bd66508d486a # v3
       with:
         image: "localbuild/testimage:latest"
         acs-report-enable: true
         fail-build: true
         severity-cutoff: "high"
     - name: Upload Anchore Scan Report
-      uses: github/codeql-action/upload-sarif@v2
+      uses: github/codeql-action/upload-sarif@d835c34a7026e284170c41a0a66c956e03f247d0 # v2
       if: always()
       with:
         sarif_file: results.sarif
diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml
index 8f9772c..353681e 100644
--- a/.github/workflows/pr-title.yml
+++ b/.github/workflows/pr-title.yml
@@ -14,7 +14,7 @@ jobs:
     steps:
       # Please look up the latest version from
       # https://github.com/amannn/action-semantic-pull-request/releases
-      - uses: amannn/action-semantic-pull-request@v3.4.6
+      - uses: amannn/action-semantic-pull-request@7bfb19c48fc334d3dacb072cf982e81535041209 # v3.4.6
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 618df0d..08e9654 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -18,7 +18,7 @@ jobs:
     steps:
       - name: Checkout
         id: checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2
         with:
           persist-credentials: false
           fetch-depth: 0
@@ -37,7 +37,7 @@ jobs:
       - name: Log in to the Container registry
         id: docker_login
         if: steps.release.outputs.new_release_published == 'true'
-        uses: docker/login-action@v2
+        uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
@@ -46,7 +46,7 @@ jobs:
       - name: Build and push Docker image
         id: docker_build_push
         if: steps.release.outputs.new_release_published == 'true'
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@1104d471370f9806843c095c1db02b5a90c5f8b6 # v3
         with:
           context: .
           push: true
diff --git a/Dockerfile b/Dockerfile
index b09b037..a3cd43e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1 +1 @@
-FROM alpine:latest
+FROM alpine:latest@sha256:21dc6063fd678b478f57c0e13f47560d0ea4eeba26dfc947b2a4f81f686b9f45