Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CI: pin GitHub Actions workflows #781

Merged
merged 1 commit into from
Nov 15, 2023
Merged

Conversation

ErikSchierboom
Copy link
Member

This PR updates GitHub Actions workflows to a specific version.
This ensures that the workflow will always run the same code, which makes your build stable.
It will also prevent a potential security issue where a tag could be replaced by a malicious commit without consumers being aware of it.

The PR updates each non-SHA based workflow reference with the SHA of the referenced version/tag, so the current behavior should not change.

See https://exercism.org/docs/building/github/gha-best-practices#h-pin-actions-to-shas for more information.

@ErikSchierboom ErikSchierboom requested a review from a team as a code owner November 14, 2023 13:55
@ErikSchierboom ErikSchierboom added the x:size/tiny Tiny amount of work label Nov 14, 2023
@ErikSchierboom ErikSchierboom marked this pull request as draft November 14, 2023 13:56
@ErikSchierboom ErikSchierboom force-pushed the pin-github-action-workflows branch from 1d79909 to e3eca4a Compare November 14, 2023 14:54
@ErikSchierboom ErikSchierboom marked this pull request as ready for review November 14, 2023 14:54
@ErikSchierboom ErikSchierboom merged commit bde4cc8 into main Nov 15, 2023
4 of 6 checks passed
@ErikSchierboom ErikSchierboom deleted the pin-github-action-workflows branch November 15, 2023 11:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
x:size/tiny Tiny amount of work
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant