chore: [StepSecurity] Apply security best practices

jaybuidl · jaybuidl · commit 05b65fecb3e7 · 2025-01-27T23:58:07.000Z
diff --git a/.github/workflows/sentry-release.yml b/.github/workflows/sentry-release.yml
@@ -72,7 +72,7 @@ jobs:
       working-directory: web
 
     - name: Create Sentry release
-      uses: getsentry/action-release@v1
+      uses: getsentry/action-release@f6dfa3d84a1c740b94aa45255c5e032b744a095d # v1.9.0
       env:
         SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
         SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
diff --git a/services/bots/base/Dockerfile b/services/bots/base/Dockerfile
@@ -1,4 +1,4 @@
-FROM node:20-alpine
+FROM node:20-alpine@sha256:2cd2a6f4cb37cf8a007d5f1e9aef090ade6b62974c7a274098c390599e8c72b4
 
 WORKDIR /usr/src/app
 

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-FROM node:20-alpine`
	`1`	`+FROM node:20-alpine@sha256:2cd2a6f4cb37cf8a007d5f1e9aef090ade6b62974c7a274098c390599e8c72b4`
`2`	`2`
`3`	`3`	`WORKDIR /usr/src/app`
`4`	`4`