From eccf78a1110c66c9edd003f8f3083d19239b9e0f Mon Sep 17 00:00:00 2001 From: "hf-security-analysis[bot]" <265538906+hf-security-analysis[bot]@users.noreply.github.com> Date: Wed, 8 Apr 2026 15:38:42 +0000 Subject: [PATCH] fix(security): remediate workflow vulnerability in .github/workflows/python-api-adapter-transformers.yaml --- .github/workflows/python-api-adapter-transformers.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/python-api-adapter-transformers.yaml b/.github/workflows/python-api-adapter-transformers.yaml index be98c7b8..83d8f26e 100644 --- a/.github/workflows/python-api-adapter-transformers.yaml +++ b/.github/workflows/python-api-adapter-transformers.yaml @@ -9,18 +9,18 @@ jobs: runs-on: ubuntu-latest steps: - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@e9aba2c848f5ebd159c070c61ea2c4e2b122355e # v2 + uses: actions/setup-python@e9aba2c848f5ebd159c070c61ea2c4e2b122355e with: python-version: "3.8" - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Set up QEMU - uses: docker/setup-qemu-action@27d0a4f181a40b142cce983c5393082c365d1480 # v1 + uses: docker/setup-qemu-action@27d0a4f181a40b142cce983c5393082c365d1480 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@f211e3e9ded2d9377c8cadc4489a4e38014bc4c9 # v1 + uses: docker/setup-buildx-action@f211e3e9ded2d9377c8cadc4489a4e38014bc4c9 - name: Install dependencies run: | pip install --upgrade pip pip install pytest pillow httpx pip install -e . - - run: RUN_DOCKER_TESTS=1 pytest -sv tests/test_dockers.py::DockerImageTests::test_adapter_transformers + - run: RUN_DOCKER_TESTS=1 pytest -sv tests/test_dockers.py::DockerImageTests::test_adapter_transformers \ No newline at end of file