chore: secure github actions using hash instead of versions #1055

	name: SpotBugs

	on:
	pull_request:
	branches:
	- main
	paths:
	- 'powertools-cloudformation/**'
	- 'powertools-core/**'
	- 'powertools-serialization/**'
	- 'powertools-logging/**'
	- 'powertools-sqs/**'
	- 'powertools-tracing/**'
	- 'powertools-validation/**'
	- 'powertools-parameters/**'
	- 'powertools-idempotency/**'
	- 'powertools-metrics/**'
	- 'powertools-test-suite/**'
	- 'pom.xml'
	- '.github/workflows/**'
	jobs:
	codecheck:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
	- name: Setup java JDK 1.8
	uses: actions/setup-java@5ffc13f4174014e2d4d4572b3d74c3fa61aeb2c2 # v3.11.0
	with:
	distribution: 'corretto'
	java-version: 8
	# https://github.com/jwgmeligmeyling/spotbugs-github-action/issues/6
	# https://github.blog/2020-08-03-github-actions-improvements-for-fork-and-pull-request-workflows/
	# Avoid complexity of git action with publishing report. Just build with spotbugs profile.
	# - name: Build with Maven for spotbugs check to gather reports
	# run: mvn -Pbuild-with-spotbugs -B install --file pom.xml -DskipTests -Dmaven.javadoc.skip=true -Dspotbugs.failOnError=false
	# - uses: jwgmeligmeyling/spotbugs-github-action@master
	# with:
	# path: '**/spotbugsXml.xml'
	# # Can be simplified post this issue is fixed https://github.com/jwgmeligmeyling/spotbugs-github-action/issues/9
	- name: Build with Maven for spotbugs check to mark build as fail if voilations found
	run: mvn -Pbuild-with-spotbugs -B install --file pom.xml -DskipTests -Dmaven.javadoc.skip=true -Dspotbugs.failOnError=true

Provide feedback