search

target / make-python-devex

An example Python project using Make, Homebrew, pyenv, poetry, and other great tools
MIT No Attribution
27 stars 1 forks source link

pin github action SHAs #5

Open bmuenzenmeyer opened 9 months ago

bmuenzenmeyer commented 9 months ago

top-level guidance is coming for this someday, but for now you can review this reference: https://blog.rafaelgss.dev/why-you-should-pin-actions-by-commit-hash

colindean commented 7 months ago

What tooling exists for resolving this, or would it be best to let dependabot handle that (#9)?

colindean commented 6 months ago

I'm going to hold off on doing this manually unless you think I really should do it sooner than later.

bmuenzenmeyer commented 5 months ago

Dependabot can do this