Closed evansims closed 1 year ago
Patch and project coverage have no change.
Comparison is base (
dbff9c6
) 94.78% compared to head (96ada29
) 94.78%.
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Do you have feedback about the report comment? Let us know in this issue.
This PR pins the
Templum/govulncheck-action
,golangci/golangci-lint-action
, andcodecov/codecov-action
third-party actions to the full-length commit SHAs for their most recent releases.Pinning an action to a full-length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository. docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions