[DAFFODIL-2881] Pin github actions to commit hash instead of tags - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 3.7.0
Component/s: Infrastructure
Labels:
None

Description

Github actions should be pinned to a commit hash instead of a version to prevent malicious actors or just accidental breaking of builds if tags are renamed/deleted:

https://blog.rafaelgss.dev/why-you-should-pin-actions-by-commit-hash

Attachments

Activity

People

Assignee:: Steve Lawrence

Reporter:: Steve Lawrence

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 29/Feb/24 17:32

Updated:: 01/Mar/24 12:35

Resolved:: 29/Feb/24 18:25