Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CI: pin GitHub Actions workflows #677

Merged
merged 1 commit into from
Nov 21, 2023
Merged

Conversation

ErikSchierboom
Copy link
Member

This PR updates GitHub Actions workflows to a specific version.
This ensures that the workflow will always run the same code, which makes your build stable.
It will also prevent a potential security issue where a tag could be replaced by a malicious commit without consumers being aware of it.

The PR updates each non-SHA based workflow reference with the SHA of the referenced version/tag, so the current behavior should not change.

See https://exercism.org/docs/building/github/gha-best-practices#h-pin-actions-to-shas for more information.

@ErikSchierboom ErikSchierboom added the x:size/tiny Tiny amount of work label Nov 14, 2023
@ErikSchierboom ErikSchierboom marked this pull request as draft November 14, 2023 14:05
@ErikSchierboom ErikSchierboom force-pushed the pin-github-action-workflows branch from 9c9ea4d to ba530a2 Compare November 14, 2023 14:43
@ErikSchierboom ErikSchierboom marked this pull request as ready for review November 14, 2023 14:44
@ErikSchierboom ErikSchierboom merged commit 37a5b02 into main Nov 21, 2023
5 of 9 checks passed
@ErikSchierboom ErikSchierboom deleted the pin-github-action-workflows branch November 21, 2023 06:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
x:size/tiny Tiny amount of work
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant