semver release tags #307
Comments
|
Faced with the same thing. |
|
Thanks for the feedback. We started creating |
|
Please do not create anything yet .
How can you confirm the value is correct?
…On Wed, 8 Sep 2021, 2:08 am Aditya Sharad, ***@***.***> wrote:
Closed #307 <#307>.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#307 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AUQK4KJM7OSKU77CKWZQO4DUA2LNRANCNFSM4TYXUC6A>
.
|
evverx
added a commit
to evverx/systemd
that referenced
this issue
Nov 12, 2021
to let Dependabot keep track of them using SHAs codeql-actions doesn't point to SHAs because it isn't clear whether Dependabot supports their release cycle mentioned at github/codeql-action#307
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Would it be possible to start tagging semver-compatible releases?
We follow GitHub's best practice of pinning our Actions to full length commit SHAs.
We use Dependabot version updates to keep our other Actions up to date. This doesn't work with
github/codeql-actionsince there are no released tags.I think everything would work if there were semver compatible tags (e.g.
v1.0.0,v1.1.0along thev1branch).The text was updated successfully, but these errors were encountered: