Update GH actions to latest#1714
Open
flowerey wants to merge 5 commits into
Open
Conversation
|
Reviews (1): Last reviewed commit: "update: stale to v10" | Re-trigger Greptile |
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
| if: steps.info.outputs.version | ||
| id: create_release | ||
| uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 | ||
| uses: softprops/action-gh-release@437e073e786973c6b6af97d9e445c41ae43b1d29 |
There was a problem hiding this comment.
437e073e786973c6b6af97d9e445c41ae43b1d29 for the third-party softprops/action-gh-release doesn't appear to correspond to the latest tagged release v3.0.0 (commit b430933). Since this action runs with GITHUB_TOKEN and creates releases, it's worth verifying the SHA maps to a trusted tagged release. The recommended approach is to pin to the SHA of a known release tag.
Suggested change
| uses: softprops/action-gh-release@437e073e786973c6b6af97d9e445c41ae43b1d29 | |
| uses: softprops/action-gh-release@b430933d43a53bfba51ede0e67b9af7caa2e53ea # v3.0.0 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
For your pull request to not get closed without review, please confirm that:
(an approved feature request, or confirmed bug).
otherwise I have marked my PR as draft.
organization if I lied by checking any of these checkboxes.
Tested on (check one or more):
There is no breaking changes, so no testing is needed in my opinion.