sigmavirus24
commented
1 year ago I don't think we want to pin this strictly. Checkout shouldn't fail randomly and if it does, I'd expect a newer version to be released quickly
Closed l0b0 closed 1 year ago
sigmavirus24
commented
1 year ago I don't think we want to pin this strictly. Checkout shouldn't fail randomly and if it does, I'd expect a newer version to be released quickly
jorisroovers
commented
1 year ago No super strong opinion on this.
FWIW, with python we did pin to a specific version and dependabot has been doing a good job of bumping these, for example: https://github.com/jorisroovers/gitlint/pull/316
However small, pinning does reduce the chance for failure because of version upgrades, as such, I don't think it hurts to merge this PR.
jorisroovers
commented
1 year ago Again, no strong opinion - I just merged to clean this up. We can easily rollback if it's not working for us.
GitHub Actions unfortunately runs the latest version of the actions which fits the
usesdirective version. So right nowactions/checkout@v3is equivalent toactions/checkout@v3.0.2, but this can change at any time. To avoid workflows suddenly failing in case a new minor/patch version of an action, this PR uses the most specific version number available for the checkout action.