Skip to content

chore: pin GitHub Actions to fixed SHAs#128

Closed
KooshaPari wants to merge 16 commits into
isaacphi:mainfrom
KooshaPari:chore/pin-github-actions-shas
Closed

chore: pin GitHub Actions to fixed SHAs#128
KooshaPari wants to merge 16 commits into
isaacphi:mainfrom
KooshaPari:chore/pin-github-actions-shas

Conversation

@KooshaPari
Copy link
Copy Markdown

@KooshaPari KooshaPari commented May 1, 2026

Summary

Pin GitHub Actions to immutable SHAs for improved security and reproducibility.

Actions Pinned

Action SHA
checkout@v4 34e114876b0b11c390a56381ad16ebd13914f8d5
setup-go@v5 be666c2fcd27ec809703dec50e508c2fdc7f6654
setup-node@v4 48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e
setup-python@v5 a26af69be951a213d495a4c3e4e4022e16d87065

KooshaPari and others added 15 commits March 29, 2026 06:16
@KooshaPari @claude
docs: add Phenotype fork differentiation header (#1)
96631ef 
Co-authored-by: Claude Code <claude@anthropic.com>
@KooshaPari @claude
docs(org): governance onboarding for batch-3
dc76975 
- CLAUDE.md: project-level governance and mandate
- AGENTS.md: local agent contract and operating loop
- docs/worklogs/README.md: work audit template
- .github/workflows: quality-gate, fr-coverage, doc-links
- FUNCTIONAL_REQUIREMENTS.md: 7 FR stubs inferred from README
- tests/smoke_test: language-specific sanity check

Commit applies org standards to newly-cloned repos per batch-3 onboarding checklist.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@KooshaPari
chore: add FUNDING.yml (#2)
4e58727
@KooshaPari
chore: add CODE_OF_CONDUCT.md (#3)
15e34e4
@KooshaPari
chore: add OpenSSF Scorecard workflow (audit #256) (#4)
05b5404
@KooshaPari
docs(license): add MIT license and README section
caea567
@KooshaPari
Merge branch 'main' of https://github.com/KooshaPari/MCPForge
96fae30
@KooshaPari @codex
docs(security): scaffold SECURITY.md (vulnerability reporting policy)
dedb8f8 
Co-authored-by: Codex <noreply@openai.com>
@KooshaPari
docs(contrib): add CONTRIBUTING.md with Go/LSP fork workflow (#6)
0a0954d
@KooshaPari
chore: add baseline .editorconfig (wave-16) (#7)
c510eb0
@KooshaPari @codex
Fix alert-sync reusable workflow reference (#8)
5528904 
Co-authored-by: Codex <noreply@openai.com>
@KooshaPari @codex
Switch CI caller to phenoShared reusable workflow (#9)
77e2d09 
Co-authored-by: Codex <noreply@openai.com>
@KooshaPari @codex
ci: pin phenoShared CI workflow caller (#10)
446f7f8 
Pin the top-level phenoShared CI reusable workflow to an immutable commit SHA instead of tracking main.

Validation:
- actionlint .github/workflows/ci.yml
- git diff --check

Co-authored-by: Codex <noreply@openai.com>
@KooshaPari @codex
docs: add sladge badge
e76af32 
Co-authored-by: Codex <noreply@openai.com>
@KooshaPari
chore: pin GitHub Actions to fixed SHAs
d8f6e6a 
Pin GitHub Actions to immutable SHAs:
- checkout@v4: 34e114876b0b11c390a56381ad16ebd13914f8d5
- setup-go@v5: be666c2fcd27ec809703dec50e508c2fdc7f6654
- setup-node@v4: 48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e
- setup-python@v5: a26af69be951a213d495a4c3e4e4022e16d87065
Copilot AI review requested due to automatic review settings May 1, 2026 08:37
Copilot AI reviewed May 1, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

@KooshaPari KooshaPari closed this May 28, 2026
@KooshaPari KooshaPari deleted the chore/pin-github-actions-shas branch May 28, 2026 10:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@KooshaPari