Closed sergejparity closed 2 years ago
In order to improve our security posture with GitHub Actions usage. I've made a version pinning ether to commit hash or to specific version. Additionally added dependabot to track GHA version changes. Related issues and policy: https://github.com/paritytech/ci_cd/issues/114 https://github.com/paritytech/ci_cd/issues/464 https://github.com/paritytech/ci_cd/wiki/Policies-and-regulations:-GitHub-Actions-usage-policies
dependabot
In order to improve our security posture with GitHub Actions usage. I've made a version pinning ether to commit hash or to specific version. Additionally added
dependabot
to track GHA version changes. Related issues and policy: https://github.com/paritytech/ci_cd/issues/114 https://github.com/paritytech/ci_cd/issues/464 https://github.com/paritytech/ci_cd/wiki/Policies-and-regulations:-GitHub-Actions-usage-policies