We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Pin Actions to a full length commit SHA
Repository: https://github.com/nodejs/diagnostics
Before the fix, your workflow may look like this (use of v1 and latest tags)
v1
latest
After the fix, Secure-Repo pins each Action and docker image to an immutable checksum.
Pull request example: electron/electron#36343
In this pull request, the workflow file has the GitHub Actions tags pinned automatically to their full-length commit SHA.
From: https://github.com/step-security/secure-repo#3-pin-actions-to-a-full-length-commit-sha
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Pin Actions to a full length commit SHA
Repository: https://github.com/nodejs/diagnostics
Why is this needed?
Before and After the fix
Before the fix, your workflow may look like this (use of
v1andlatesttags)After the fix, Secure-Repo pins each Action and docker image to an immutable checksum.
Pull request example: electron/electron#36343
In this pull request, the workflow file has the GitHub Actions tags pinned automatically to their full-length commit SHA.
From: https://github.com/step-security/secure-repo#3-pin-actions-to-a-full-length-commit-sha
The text was updated successfully, but these errors were encountered: