Closed vgrassia closed 5 months ago
Checkmarx One – Scan Summary & Details – 4166b710-40cc-4159-be37-85a597269f84
Severity | Issue | Source File / Package | Checkmarx Insight |
---|---|---|---|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: 25 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... | |
Unpinned Actions Full Length Commit SHA | /version-bump.yml: 123 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... | |
Unpinned Actions Full Length Commit SHA | /version-bump.yml: 115 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... | |
Unpinned Actions Full Length Commit SHA | /version-bump.yml: 51 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... | |
Unpinned Actions Full Length Commit SHA | /version-bump.yml: 108 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
Severity | Issue | Source File / Package |
---|---|---|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: 88 | |
Unpinned Actions Full Length Commit SHA | /version-bump.yml: 29 |
Type of change
Objective
This PR updates the
Version Bump
workflow to use theversion-next
action to automatically calculate the next release version if an override version is not specified.Code changes
version-next
action.Before you submit
dotnet format --verify-no-changes
) (required)