ci: pin GitHub Actions to SHA-pinned commit versions #6

Merged: NicolasCARPi merged 1 commit into master from mouss-260403-pinShaVersionsToGithubActions on Apr 3, 2026

@MoustaphaCamara MoustaphaCamara commented Apr 3, 2026

Pin github actions to SHA-pinned commit versions

Summary by CodeRabbit

Release Notes

  • Chores
    • Updated GitHub Actions workflow configurations to pin versions for improved reliability and consistency.

Pin github actions to SHA-pinned commit versions

coderabbitai bot commented Apr 3, 2026

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
📥 Commits

Reviewing files that changed from the base of the PR and between ec2b70f and 23c92c9.

📒 Files selected for processing (1)
  • .github/workflows/codespell.yml

Walkthrough

The GitHub Actions workflow for codespell has been secured by pinning critical action dependencies to specific commit SHAs. The actions/checkout action and codespell-project/actions-codespell action now reference exact commits rather than floating version tags, ensuring reproducible and deterministic workflow execution.

Changes

| Cohort / File(s) | Summary |
|---|---|
| Workflow Action Pinning: .github/workflows/codespell.yml | Pinned actions/checkout from @v4 to a specific commit SHA and codespell-project/actions-codespell from @v2 to a specific commit SHA, improving supply chain security and reproducibility without altering step logic or inputs. |

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

🖖 With steady hands upon the helm, we chart our course,
Each dependency locked firm, a captain's wise force,
No drift nor variance shall shake this vessel's way,
The Enterprise sails true—secure for every day!

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
| Check name | Status | Explanation |
|---|---|---|
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title accurately describes the primary change: pinning GitHub Actions to specific commit SHAs in the workflow file. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |


@NicolasCARPi NicolasCARPi merged commit 789f0fe into master Apr 3, 2026
2 checks passed
@NicolasCARPi NicolasCARPi deleted the mouss-260403-pinShaVersionsToGithubActions branch April 3, 2026 19:05
NicolasCARPi added a commit that referenced this pull request Apr 14, 2026
* 'master' of github.com:elabftw/documentation:
  ci: pin GitHub Actions to SHA-pinned commit versions (#6)
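
A check for the property this pull request establishes, added here as an example and not part of the repository or the PR: it scans workflow text for `uses:` references that are not pinned to a full 40-character commit SHA, since a tag such as `@v4` can later be moved to a different commit. The function names, the sample workflow and the placeholder SHAs are assumptions made for the example.

```python
import re

# A "uses:" key on a step or reusable-workflow job; captures the reference.
USES_RE = re.compile(r"^\s*(?:-\s+)?uses:\s*['\"]?([^'\"\s#]+)")
FULL_SHA_RE = re.compile(r"[0-9a-f]{40}")

def classify(ref):
    """Classify a uses: value as 'local', 'docker', 'pinned' or 'floating'."""
    if ref.startswith("./"):
        return "local"      # action in the same repository, nothing to pin
    if ref.startswith("docker://"):
        return "docker"     # container image reference, not covered here
    _, sep, version = ref.rpartition("@")
    # Only a full 40-character commit SHA counts as pinned.
    if sep and FULL_SHA_RE.fullmatch(version):
        return "pinned"
    return "floating"       # tag, branch, short SHA, or no version at all

def audit(workflow_text):
    """Return (line number, reference) for every floating uses: entry."""
    findings = []
    for lineno, line in enumerate(workflow_text.splitlines(), 1):
        m = USES_RE.match(line)
        if m and classify(m.group(1)) == "floating":
            findings.append((lineno, m.group(1)))
    return findings

# Constructed sample inputs. The 40-hex values are placeholders, not the
# commits this pull request pinned to.
HEADER = ("name: codespell\non: [push]\njobs:\n  codespell:\n"
          "    runs-on: ubuntu-latest\n    steps:\n")
BEFORE = HEADER + (
    "      - uses: actions/checkout@v4\n"
    "      - uses: codespell-project/actions-codespell@v2\n"
)
AFTER = HEADER + (
    f"      - uses: actions/checkout@{'a' * 40}  # v4\n"
    f"      - uses: codespell-project/actions-codespell@{'b' * 40}  # v2\n"
)

if __name__ == "__main__":
    for name, text in (("before", BEFORE), ("after", AFTER)):
        for lineno, ref in audit(text):
            print(f"{name}: line {lineno}: {ref} is not pinned to a commit SHA")
```

Run over every file under `.github/workflows/` in CI, a non-empty result can fail the build so that a later change cannot reintroduce a floating tag.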