pin versions

[JaredHatfield]

No description provided.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 86.54%. Comparing base (c8a6215) to head (2d93161).
⚠️ Report is 3 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff            @@
##               main      #79   +/-   ##
=========================================
  Coverage     86.54%   86.54%           
  Complexity      270      270           
=========================================
  Files            15       15           
  Lines           602      602           
  Branches        109      109           
=========================================
  Hits            521      521           
  Misses           53       53           
  Partials         28       28           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[Copilot]

Pull request overview

This pull request improves the security posture of GitHub Actions workflows by pinning the actions/add-to-project action to a specific commit SHA instead of using a mutable tag reference.

Changes:

• Pin actions/add-to-project action to commit SHA 244f685bbc3b7adfa8466e08b698b5577571133e with a comment indicating it corresponds to v1.0.2

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The commit SHA pinning is inconsistent across workflow files. Other actions in the repository (e.g., actions/checkout@v6, actions/setup-java@v5 in build-java-17.yml, codeql-java-17.yml, release-maven-central-java-17.yml, and zizmor.yml) still use mutable version tags. For consistent security posture, consider applying the same SHA pinning strategy to all third-party actions across all workflows.