chore: SHA-pin GitHub Actions #72

Open: skonefal wants to merge 1 commit into main from chore/sha-pin-github-actions
@skonefal skonefal commented Jun 15, 2026

Contributor

SHA-pin GitHub Actions to commit hashes.

@skonefal skonefal marked this pull request as ready for review June 15, 2026 11:52
cursor Bot commented Jun 15, 2026

PR Summary

Low Risk
CI-only reference changes with no dbt or runtime logic impact; behavior should match the same tagged action versions.

Overview
Pins third-party GitHub Actions in the dbt workflows (dbt_ci.yml, dbt_deploy.yml, dbt_prod.yml) from floating tags (@v4, @v5, @v6) to immutable commit SHAs, with the original version kept in comments.

Affected actions: actions/checkout, astral-sh/setup-uv, dawidd6/action-download-artifact, and actions/upload-artifact (deploy workflow only). Workflow steps and behavior are unchanged; only how those actions are resolved at run time is locked down for supply-chain consistency.

Reviewed by Cursor Bugbot for commit 9e0c79a. Configure here.

@skonefal skonefal requested a review from jeff-dude June 18, 2026 10:02