Skip to content

Commit

Permalink
test
Browse files Browse the repository at this point in the history
  • Loading branch information
@notdodo
notdodo committed Jan 29, 2024
1 parent 8ff01c8 commit ba0e424
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/infra-security-scan.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ jobs:
# v5.0.0
with:
go-version: ${{ inputs.go-version }}

cache: false
- id: find-files
run: |
FILES=$(find . \( -iname "Makefile" -o -iname "GNUmakefile" -o -iname "*.mk" -o -iname "*.make" \))
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/rust-ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,7 @@ jobs:
with:
fetch-depth: 0
- name: Cargo cache
uses: swatinem/rust-cache@23bce251a8cd2ffc3c1075eaa2367cf899916d84
uses: swatinem/rust-cache@master

Check warning on line 67 in .github/workflows/rust-ci.yml

View workflow job for this annotation

GitHub Actions / infra-scan / Scan with Kics

[MEDIUM] Unpinned Actions Full Length Commit SHA 

Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload. When selecting a SHA, you should verify it is from the action's repository and not a repository fork.
with:
cache-on-failure: true
cache-all-crates: true
Expand Down

0 comments on commit ba0e424

Please sign in to comment.