Skip to content

Build: Reference GitHub Actions by commit SHAs #5269

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Jun 13, 2023
Merged

Conversation

gabibguti
Copy link
Contributor

@gabibguti gabibguti commented Jun 7, 2023

Summary

Resolves #5266

It's important to make sure the SHA's are from the original repositories and not forks. I have manually verified all of them and added references in the commit descriptions.

Checklist

gabibguti added 2 commits June 7, 2023 17:42
It's important to make sure the SHA's are from the original repositories and not forks.

For reference:

https://github.com/actions/checkout/releases/tag/v3.5.2
actions/checkout@8e5e7e5

https://github.com/github/codeql-action/releases/tag/v2.3.6
github/codeql-action@83f0fe6


Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>
@linux-foundation-easycla
Copy link

linux-foundation-easycla bot commented Jun 7, 2023

CLA Signed

The committers listed above are authorized under a signed CLA.

@mgol
Copy link
Member

mgol commented Jun 7, 2023

Thank you! Please sign the CLA.

@mgol
Copy link
Member

mgol commented Jun 12, 2023

@gabibguti Ping. Please sign the OpenJSF CLA, we cannot merge the PR otherwise.

@gabibguti
Copy link
Contributor Author

Hi @mgol! Thanks for the reminder. I'm checking internally with Google if I can sign the CLA.

@mgol
Copy link
Member

mgol commented Jun 12, 2023

I see. If you're submitting this on company time, I think you'll need to chose the "Proceed as a Corporate Contributor" button.

@gabibguti
Copy link
Contributor Author

@mgol Done!

Copy link
Member

@mgol mgol left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@mgol mgol added the Build label Jun 13, 2023
@mgol mgol added this to the 3.7.1 milestone Jun 13, 2023
@mgol mgol changed the title Reference actions by commit SHA Build: Reference GitHub Actions by commit SHAs Jun 13, 2023
@mgol mgol merged commit 784b9ba into jquery:main Jun 13, 2023
mgol pushed a commit that referenced this pull request Jun 13, 2023
@mgol
Copy link
Member

mgol commented Jun 13, 2023

Landed on main in 784b9ba & on 3.x-stable in 0ea85da.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Development

Successfully merging this pull request may close these issues.

Reference actions by commit SHA
2 participants