Hey! 🙂
I've made the following changes to your workflow:
Avoid incorrectly indented workflows
Make sure that workflows are readable for other developers so that they can easily understand what the workflow is doing.
Prevent running issue/PR actions on forks
Running workflows that modify issues on forks will fail because they do not have access to the issues on the original repository.
Define permissions for workflows with external actions
Permissions should be used when running actions written by other developers because there may be security leaks exposed through these actions.
Use commit hash instead of tags for action versions
When using a tag as version, the code related to the tag can be changed after the tag is created, whereas when using the commit hash this cannot. Therefore, for consistency and security a commit hash should be used.
(These changes are part of a research Study at TU Delft looking at GitHub Action Smells. Find out more)
Hey! 🙂 I've made the following changes to your workflow:
(These changes are part of a research Study at TU Delft looking at GitHub Action Smells. Find out more)