Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Pin actions/checkout Dependency to Specific Commit Hash #3384

Merged

Conversation

felixhandte
Copy link
Contributor

It's a bit silly, because if we can't trust GitHub, what are we doing here? But OSSF complains about it, so let's fix it.

@felixhandte felixhandte added the dependencies Pull requests that update a dependency file label Dec 20, 2022
It's a bit silly, because if we can't trust GitHub, what are we doing here?
But OSSF complains about it, so let's fix it.
@felixhandte felixhandte force-pushed the pin-checkout-action-commit-hash branch from 6319701 to e3f2c8b Compare December 20, 2022 19:53
@Cyan4973
Copy link
Contributor

Why would the "versions-compatibility" test fail on this PR ?
Weird, I assume it's unrelated.

@terrelln
Copy link
Contributor

It's unrelated, I'm looking into it. Not really sure why it is failing now.

@felixhandte felixhandte merged commit 0790e86 into facebook:dev Dec 20, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
CLA Signed dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants