mirror of
https://git.tukaani.org/xz.git
synced 2025-10-19 23:53:27 +00:00
CI: Bump and ref actions by commit SHA in ci.yml
Referencing actions by commit SHA in GitHub workflows guarantees you are using an immutable version. Actions referenced by tags and branches are more vulnerable to attacks, such as the tag being moved to a malicious commit or a malicious commit being pushed to the branch. It's important to make sure the SHAs are from the original repositories and not forks.

For reference:

https://github.com/actions/checkout/releases/tag/v4.1.0
8ade135a41

https://github.com/actions/upload-artifact/releases/tag/v3.1.3
a8a3f3ad30

Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>
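
The pinning rule described in the commit message, as an added example that is not part of the xz repository or of this commit: a small Python check that flags `uses:` references that are not full 40-character commit SHAs, and pinned references that carry no version comment. The function name `audit_workflow` and the sample workflow text are constructed for illustration.

```python
import re

# A step-level "uses:" line: owner/repo[/path]@ref, optional trailing "# comment".
USES_RE = re.compile(
    r"^\s*(?:-\s*)?uses:\s*['\"]?(?P<action>[^@\s'\"]+)@(?P<ref>[^\s'\"#]+)['\"]?"
    r"\s*(?:#\s*(?P<comment>\S+))?"
)
FULL_SHA_RE = re.compile(r"^[0-9a-fA-F]{40}$")

# Constructed sample: the two pinned lines use the SHAs shown in this commit.
SAMPLE = """\
steps:
  - uses: actions/checkout@v3
  - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 #v4.1.0
  - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
  - uses: actions/upload-artifact@main
"""


def audit_workflow(text):
    """Return (line_no, action, ref, problem) for each weakly referenced action.

    Only the form of the reference is checked. Whether a SHA belongs to the
    original repository rather than a fork has to be verified against the
    upstream repository and is out of scope for this offline check.
    """
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        m = USES_RE.match(line)
        if not m:
            continue  # not a uses: line, or a local ./action with no @ref
        action, ref, comment = m.group("action", "ref", "comment")
        if action.startswith("docker://"):
            continue  # container images are pinned by digest, not commit SHA
        if not FULL_SHA_RE.match(ref):
            findings.append((line_no, action, ref, "not a full commit SHA"))
        elif comment is None:
            # Pinned, but a reader cannot tell which release the SHA is.
            findings.append((line_no, action, ref, "pinned without version comment"))
    return findings


if __name__ == "__main__":
    for line_no, action, ref, problem in audit_workflow(SAMPLE):
        print(f"line {line_no}: {action}@{ref}: {problem}")
```
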
parent
f74f174006
commit
f28cc9bd48
4
.github/workflows/ci.yml
@ -27,7 +27,7 @@ jobs:
|
||||
build_system: [autotools, cmake]
|
||||
runs-on: ${{ matrix.os }}
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 #v4.1.0
|
||||
|
||||
########################
|
||||
# Install Dependencies #
|
||||
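Review bot: On the `actions/checkout` line, the reference moves from the v3 major to v4.1.0 in the same edit that switches it to a SHA, so a behaviour change in the action cannot be separated from the pinning change when bisecting a CI failure; consider pinning the v3 release first and bumping in a follow-up, or note in the commit message that v4 was exercised against this workflow. As a style point, the trailing `#v4.1.0` has no space after `#`, unlike the other comments in this file (`# Install Dependencies #`); `# v4.1.0` would match.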
@ -135,7 +135,7 @@ jobs:
|
||||
run: ./build-aux/ci_build.sh -b ${{ matrix.build_system }} -d small -p test -n small
|
||||
|
||||
# Attempt to upload the test logs as artifacts if any step has failed
|
||||
- uses: actions/upload-artifact@v3
|
||||
- uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 #v3.1.3
|
||||
if: ${{ failure() }}
|
||||
with:
|
||||
name: ${{ matrix.os }} ${{ matrix.build_system }} Test Logs
|
||||
|
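Review bot: On the `actions/upload-artifact` line, the `#v3.1.3` comment is the only thing that ties the 40-character SHA to a release, and nothing in the workflow checks it. Before merging, confirm that the SHA is the commit the v3.1.3 tag points to in actions/upload-artifact itself and not a fork, which is the concern the commit message raises, and consider adding a Dependabot `github-actions` entry so the pinned references do not go stale once newer releases appear.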