mirror of
https://github.com/pre-commit/action.git
synced 2025-11-07 18:56:55 +00:00
Pin actions/cache
GitHub recently added support for requiring actions to be pinned to a full-length commit SHA[^1]. Their changelog doesn't mention that composite actions also fail if their own actions are not pinned, which is the case for this project. Hope this makes sense. I didn't bump the versions, just added the commit SHAs, using `pinact run`. [^1]: https://github.blog/changelog/2025-08-15-github-actions-policy-now-supports-blocking-and-sha-pinning-actions/
This commit is contained in:
Edgar Ramírez-Mondragón
parent
1b06ec171f
commit
89e11bc533
2 changed files with 3 additions and 3 deletions
4
.github/workflows/main.yml
vendored
4
.github/workflows/main.yml
vendored
|
|
@ -7,7 +7,7 @@ jobs:
|
|||
main:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/setup-python@v3
|
||||
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||
- uses: actions/setup-python@3542bca2639a428e1796aaa6a2ffef0c0f575566 # v3.1.4
|
||||
- name: self test action
|
||||
uses: ./
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ runs:
|
|||
shell: bash
|
||||
- run: python -m pip freeze --local
|
||||
shell: bash
|
||||
- uses: actions/cache@v4
|
||||
- uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4.2.4
|
||||
with:
|
||||
path: ~/.cache/pre-commit
|
||||
key: pre-commit-3|${{ env.pythonLocation }}|${{ hashFiles('.pre-commit-config.yaml') }}
|
||||
|
|
|
|||
Loading…
Reference in a new issue