From 874b130020c03202779e693a2916194b5a16093b Mon Sep 17 00:00:00 2001
From: jchandramouli <71663363+jchandramouli@users.noreply.github.com>
Date: Tue, 18 Nov 2025 22:44:46 +0000
Subject: [PATCH] security: pin GitHub Actions in .github/workflows/ci.yml

Updated 2 GitHub Actions in .github/workflows/ci.yml to use SHA pinning
for improved security and reproducibility.

This change:
- Replaces version tags with specific SHA commits
- Adds version comments for maintainability
- Enhances protection against supply chain attacks

Auto-generated security update for webedx-spark/lambda-deploy-action
---
 .github/workflows/ci.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 2102c49..900dc79 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -10,9 +10,9 @@ jobs:
         go-version: ["1.20"]
     steps:
       - name: checkout source code
-        uses: actions/checkout@v3
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
       - name: Install Go
-        uses: actions/setup-go@v4
+        uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
         with:
           go-version: ${{ matrix.go-version }}
       - name: Build binary