github-actions[bot]
commented
1 year ago Thanks for reporting this issue, don't forget to star this project if you haven't already to help us reach a wider audience.
Closed juanimcal-indx closed 1 year ago
github-actions[bot]
commented
1 year ago Thanks for reporting this issue, don't forget to star this project if you haven't already to help us reach a wider audience.
jackton1
commented
1 year ago @juanimcal-indx This should now be available in the latest release.
juanimcal-indx
commented
1 year ago Thank you very much @jackton1
jackton1
commented
1 year ago Hi @juanimcal-indx I wanted to let you know that this change would only be implemented for tags with the -sec suffix in which case you just need to add -sec suffix if you are referencing the tag or the sha.
See the Versioning section of the docs for more details
Is this feature missing in the latest version?
Is your feature request related to a problem? Please describe.
Due to restrictions in my organization, we are unable to use your action as there are 2 actions used inside changed-files:
The actions are referenced using a tag.
It's considered a good practice to avoid branches & tags, using sha instead to reference exact and unique references to the code of the action: https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions
Describe the solution you'd like?
Reference internal action calls by full sha instead tag.
Describe alternatives you've considered?
Anything else?
Code of Conduct