
ci: pin github action references #202

Merged
pkosiec merged 1 commit into main from pin-actions
Mar 24, 2026


Collaborator

@pietern pietern commented Mar 23, 2026

Summary

  • Pin all GitHub action references to their commit SHAs
  • Each SHA maps to the current tag for the action at the time of pinning

Pin all GitHub action references to their commit SHAs. Each SHA maps
to the current tag for the action at the time of pinning.

Co-authored-by: Isaac
@pietern pietern changed the title Pin GitHub action references ci: pin GitHub action references Mar 23, 2026
@pietern pietern changed the title ci: pin GitHub action references ci: pin github action references Mar 23, 2026
Member

@pkosiec pkosiec left a comment


Thank you @pietern. Double-checked all the commit SHAs, the changes LGTM 👍

@pkosiec pkosiec merged commit 76b2643 into main Mar 24, 2026
2 of 4 checks passed
@pkosiec pkosiec deleted the pin-actions branch March 24, 2026 09:12
pietern added a commit that referenced this pull request Mar 24, 2026
#202 missed pinning actions using the `- uses:` shorthand syntax
(steps without an explicit `name:` property). This pins the remaining
20 references in ci.yml and docs-deploy.yml.

Co-authored-by: Isaac
MarioCadenas pushed a commit that referenced this pull request Mar 24, 2026
#202 missed pinning actions using the `- uses:` shorthand syntax
(steps without an explicit `name:` property). This pins the remaining
20 references in ci.yml and docs-deploy.yml.
fjakobs pushed a commit to databricks/databricks-agent-skills that referenced this pull request Mar 25, 2026
## Summary
- Pin all GitHub Actions to specific commit SHAs for supply chain security, preventing tag-based attacks
- Follows the same pattern as [databricks/appkit#202](databricks/appkit#202)

## Pinned actions
- [`actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5`](actions/checkout@34e1148) (v4.3.1)
- [`actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065`](actions/setup-python@a26af69) (v5.6.0)

This pull request was AI-assisted by Isaac.
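
As an added example (not code from this pull request or the repositories it references), the check below flags `uses:` references that are not pinned to a full 40-character commit SHA, covering both the `name:` plus `uses:` form and the `- uses:` shorthand that the follow-up commit says #202 missed. The function name and the sample workflow are constructed for illustration; the two SHAs are the ones listed above.

```python
import re

# Match `uses:` both as a later key of a step ("  uses: x") and as the
# first key of a step ("- uses: x"), the shorthand form without `name:`.
USES_RE = re.compile(r'''^\s*(?:-\s+)?uses:\s*['"]?([^\s'"#]+)''')
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def unpinned_refs(workflow_text):
    """Return (line_number, reference) for every `uses:` value whose ref
    is not a full-length commit SHA. Hypothetical helper for this example."""
    findings = []
    for lineno, line in enumerate(workflow_text.splitlines(), 1):
        match = USES_RE.match(line)  # commented-out lines start with '#': no match
        if not match:
            continue
        ref = match.group(1)
        # Local actions are versioned with the repository itself; docker://
        # images are pinned by digest, which this check does not cover.
        if ref.startswith("./") or ref.startswith("docker://"):
            continue
        _, at, version = ref.partition("@")
        if not at or not FULL_SHA_RE.match(version):
            findings.append((lineno, ref))
    return findings


# Constructed sample workflow mixing pinned, tag-based and shorthand steps.
SAMPLE = """\
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
      - uses: actions/setup-python@v5
      - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
      - name: Abbreviated SHA is not a full pin
        uses: actions/checkout@34e1148
      - uses: ./.github/actions/local
      # - uses: actions/cache@v4
"""

if __name__ == "__main__":
    for lineno, ref in unpinned_refs(SAMPLE):
        print(f"line {lineno}: {ref} is not pinned to a full commit SHA")
```

Run over every file under `.github/workflows/` as a CI gate, a non-empty result means a reference was left on a movable tag or branch.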