rlmark
commented
10 months ago Ah, sorry been a bit swamped, I'll see if I can look into why this PR is failing in a bit!
Closed ErikSchierboom closed 10 months ago
rlmark
commented
10 months ago Ah, sorry been a bit swamped, I'll see if I can look into why this PR is failing in a bit!
ErikSchierboom
commented
10 months ago @rlmark No need. It's because we now support formatting of the track's config.json file. https://github.com/exercism/unison/pull/104 fixes this.
This PR updates GitHub Actions workflows to a specific version. This ensures that the workflow will always run the same code, which makes your build stable. It will also prevent a potential security issue where a tag could be replaced by a malicious commit without consumers being aware of it.
The PR updates each non-SHA based workflow reference with the SHA of the referenced version/tag, so the current behavior should not change.
See https://exercism.org/docs/building/github/gha-best-practices#h-pin-actions-to-shas for more information.