Skip to content

Pin actions/cache by Git SHA #90

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Jaxelr merged 1 commit into from
Oct 9, 2025
Merged

Pin actions/cache by Git SHA #90

Jaxelr merged 1 commit into from
Oct 9, 2025
+4 −4

Conversation

@martincostello
Copy link
Contributor

@martincostello martincostello commented Aug 30, 2025

Pin actions/cache by Git SHA to enable use in repositories that enforce workflows use SHA-pinned actions.

@martincostello
Pin actions/cache by SHA
be39319 
Pin actions/cache by Git SHA to enable use in repositories that enforce workflows use SHA-pinned actions.
Copilot AI review requested due to automatic review settings August 30, 2025 14:38
@martincostello martincostello requested a review from a team as a code owner August 30, 2025 14:38
Copilot AI reviewed Aug 30, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR updates all references to the actions/cache action from using the tag v4 to using the specific Git SHA 0400d5f644dc74513175e3cd8d07132dd4860809 (which corresponds to v4.2.4) to comply with security policies that require SHA-pinned actions.

  • Pin actions/cache references to specific SHA with version comment for transparency
  • Enable usage in repositories with SHA-pinning requirements

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

@Jaxelr Jaxelr self-requested a review October 9, 2025 22:20
Jaxelr
Jaxelr approved these changes Oct 9, 2025
View reviewed changes
Copy link
Member

@Jaxelr Jaxelr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@Jaxelr Jaxelr merged commit fc390cf into Azure:main Oct 9, 2025
1 check passed
@martincostello martincostello deleted the pin-actions branch October 9, 2025 22:30
@martincostello
Copy link
Contributor Author

martincostello commented Oct 10, 2025

@Jaxelr Can we get a new release containing these changes please?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@Jaxelr Jaxelr Jaxelr approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@martincostello @Jaxelr