Closed l0b0 closed 1 year ago
I don't think we want to pin this strictly. Checkout shouldn't fail randomly and if it does, I'd expect a newer version to be released quickly
No super strong opinion on this.
FWIW, with python we did pin to a specific version and dependabot has been doing a good job of bumping these, for example: https://github.com/jorisroovers/gitlint/pull/316
However small, pinning does reduce the chance for failure because of version upgrades, as such, I don't think it hurts to merge this PR.
Again, no strong opinion - I just merged to clean this up. We can easily rollback if it's not working for us.
GitHub Actions unfortunately runs the latest version of the actions which fits the
uses
directive version. So right nowactions/checkout@v3
is equivalent toactions/checkout@v3.0.2
, but this can change at any time. To avoid workflows suddenly failing in case a new minor/patch version of an action, this PR uses the most specific version number available for the checkout action.