Skip to content

Use SHA to reference GitHub Actions #227

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
xalopp wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Use SHA to reference GitHub Actions #227

xalopp wants to merge 3 commits into from

Conversation

@xalopp
Copy link
Contributor

@xalopp xalopp commented Dec 5, 2025

Type of PR

  • Bugfix
  • New Feature
  • Other (explain):

Fixes Issues reported by SonarQube:
https://docs.github.com/en/actions/reference/security/secure-use#using-third-party-actions

Breaking changes

  • Yes, this is a breaking change

Beside simply using the SHA for the versions, this also updates some of the GitHub Actions

Description

I use https://github.com/suzuki-shunsuke/pinact for is PR.

@sonarqubecloud
Copy link

sonarqubecloud bot commented Dec 5, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

xalopp
xalopp commented Dec 5, 2025
View reviewed changes
.github/workflows/ci.yml
runs-on: ubuntu-latest
steps:
- uses: technote-space/workflow-conclusion-action@v3
- uses: technote-space/workflow-conclusion-action@45ce8e0eb155657ab8ccf346ade734257fd196a5 # v3.0.3
Copy link
Contributor Author

@xalopp xalopp Dec 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mmoll this GitHub Action isn't supported anymore...

I'm not sure what type of output this was generation in the mo4 Slack Channel...

Options:

  1. keep it as it is, reminding that this might disappear in the future
  2. Delete it, if Slack isn't relevant
  3. Open a new Task, and fix it, as I don't have access to the Slack Channel ;-)

@xalopp
Copy link
Contributor Author

xalopp commented Dec 5, 2025

@mmoll please 👀 this PR

@xalopp xalopp mentioned this pull request Dec 5, 2025
Draft
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@xalopp