From 63d4dcb83e67bba7fc802ef8990827f01b578028 Mon Sep 17 00:00:00 2001
From: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
Date: Fri, 17 Apr 2026 14:37:14 -0600
Subject: [PATCH] Use SHA Hashes

This commit updates workflows to use SHA hashes to
reference other actions and workflows

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
---
 .github/workflows/auto-merge-dependabot.yml   | 2 +-
 .github/workflows/codeql.yml                  | 2 +-
 .github/workflows/defer-issues.yml            | 8 ++++----
 .github/workflows/update-antora-ui-spring.yml | 4 ++--
 4 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/auto-merge-dependabot.yml b/.github/workflows/auto-merge-dependabot.yml
index df90bb5847..80e0d71e4f 100644
--- a/.github/workflows/auto-merge-dependabot.yml
+++ b/.github/workflows/auto-merge-dependabot.yml
@@ -12,6 +12,6 @@ run-name: Merge Dependabot PR ${{ github.ref_name }}
 jobs:
   merge-dependabot-pr:
     permissions: write-all
-    uses: spring-io/spring-github-workflows/.github/workflows/spring-merge-dependabot-pr.yml@v7
+    uses: spring-io/spring-github-workflows/.github/workflows/spring-merge-dependabot-pr.yml@0d3f15bb384839966a1ff5c4383731a2b747f24b # v7
     with:
       mergeArguments: --auto --rebase
\ No newline at end of file
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index dabe0665f0..28a3c138b2 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -14,4 +14,4 @@ jobs:
       actions: read
       contents: read
       security-events: write
-    uses: spring-io/github-actions/.github/workflows/codeql-analysis.yml@1
+    uses: spring-io/github-actions/.github/workflows/codeql-analysis.yml@e415dadd0910c901e7a7fabd67bbb355b2324500 # 1
diff --git a/.github/workflows/defer-issues.yml b/.github/workflows/defer-issues.yml
index 9f8b3f0c47..298fcdcd33 100644
--- a/.github/workflows/defer-issues.yml
+++ b/.github/workflows/defer-issues.yml
@@ -18,21 +18,21 @@ jobs:
       uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
     - name: Compute Version
       id: compute-version
-      uses: spring-io/spring-release-actions/compute-version@0.0.4
+      uses: spring-io/spring-release-actions/compute-version@2420148725bebe44bd59a575a9b1961ca4459b0b # 0.0.4
     - name: Get Today's Release Version
       id: todays-release
-      uses: spring-io/spring-release-actions/get-todays-release-version@0.0.4
+      uses: spring-io/spring-release-actions/get-todays-release-version@2420148725bebe44bd59a575a9b1961ca4459b0b # 0.0.4
       with:
         snapshot-version: ${{ steps.compute-version.outputs.version }}
         milestone-repository: ${{ github.repository }}
         milestone-token: ${{ secrets.GITHUB_TOKEN }}
     - name: Compute Next Version
       id: next-version
-      uses: spring-io/spring-release-actions/compute-next-version@0.0.4
+      uses: spring-io/spring-release-actions/compute-next-version@2420148725bebe44bd59a575a9b1961ca4459b0b # 0.0.4
       with:
         version: ${{ steps.todays-release.outputs.release-version }}
     - name: Schedule Next Milestone
-      uses: spring-io/spring-release-actions/schedule-milestone@0.0.4
+      uses: spring-io/spring-release-actions/schedule-milestone@2420148725bebe44bd59a575a9b1961ca4459b0b # 0.0.4
       with:
         version: ${{ steps.next-version.outputs.version }}
         version-date: ${{ steps.next-version.outputs.version-date }}
diff --git a/.github/workflows/update-antora-ui-spring.yml b/.github/workflows/update-antora-ui-spring.yml
index d6f780c7ce..d6006b8e81 100644
--- a/.github/workflows/update-antora-ui-spring.yml
+++ b/.github/workflows/update-antora-ui-spring.yml
@@ -19,7 +19,7 @@ jobs:
       matrix:
         branch: [ '6.5.x', '7.0.x', 'main' ]
     steps:
-      - uses: spring-io/spring-doc-actions/update-antora-spring-ui@415e2b11a766ba64799fffb5c97a4f7e17f677cf
+      - uses: spring-io/spring-doc-actions/update-antora-spring-ui@415e2b11a766ba64799fffb5c97a4f7e17f677cf # v0.0.22
         name: Update
         with:
           docs-branch: ${{ matrix.branch }}
@@ -30,7 +30,7 @@ jobs:
     if: ${{ github.repository == 'spring-projects/spring-security' }}
     runs-on: ubuntu-latest
     steps:
-      - uses: spring-io/spring-doc-actions/update-antora-spring-ui@415e2b11a766ba64799fffb5c97a4f7e17f677cf
+      - uses: spring-io/spring-doc-actions/update-antora-spring-ui@415e2b11a766ba64799fffb5c97a4f7e17f677cf # v0.0.22
         name: Update
         with:
           docs-branch: 'docs-build'