- Notifications
You must be signed in to change notification settings - Fork84
Remove unnecessary hardcoding ofref#617
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Uh oh!
There was an error while loading.Please reload this page.
Conversation
I'm copying the setup of one of these actions to another repo, and thehardcoding of `ref` surprised me... these should be the same as thedefaault behavior. I checked with Barry who originally committed thesefiles, and he didn't remember why... possibly he'd hardcoded them whentesting the action and forgot to remove them.So let's pull them out to remove confusion.
| @@ -14,8 +14,7 @@ jobs: | |||
| app-id: ${{ secrets.FETCH_METADATA_ACTION_AUTOMATION_APP_ID }} | |||
| private-key: ${{ secrets.FETCH_METADATA_ACTION_AUTOMATION_PRIVATE_KEY }} | |||
| - name: Check out code | |||
| uses: actions/checkout@v4 | |||
| - uses: actions/checkout@v4 | |||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
NAB: We should likely prefer to use a pinned SHA version for safety here since this is automerging PRs ( and rely on Dependabot to keep this up to date 😅 )
jeffwidmanApr 11, 2025 • edited
Loading Uh oh!
There was an error while loading.Please reload this page.
edited
Uh oh!
There was an error while loading.Please reload this page.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
actions/checkout has been migrated to immutable actions, so it's now safe to pin directly to a human semver value. 🎉
3a5ce46 intomainUh oh!
There was an error while loading.Please reload this page.
I'm copying the setup of one of these actions to another repo, and the hardcoding of
refsurprised me... these should be the same as the defaault behavior. I checked with Barry who originally committed these files, and he didn't remember why... possibly he'd hardcoded them when testing the action and forgot to remove them.So let's pull them out to remove confusion.