[CI] Pin remaining actions to SHA for supply chain security #3070

Open
jbampton wants to merge 1 commit into apache:master from jbampton:pin-all-actions-to-sha

@jbampton

Member

Cleans up the zizmor.yml linter file.

https://github.com/apache/infrastructure-actions/blob/25ab499ef9c241b64a56860245e57c195baddec6/approved_patterns.yml#L279

r-lib/actions@a51a801

Did you read the Contributor Guide?

Is this PR related to a ticket?

  • No:
    • this is a CI update. The PR name follows the format [CI] my subject

What changes were proposed in this PR?

Pinning GitHub Actions to a specific commit SHA is the primary method to prevent supply-chain attacks. It guarantees that your continuous integration (CI) workflows execute the exact, unalterable version of code you have verified.

How was this patch tested?

prek run -a

Did this PR include necessary documentation updates?

  • No, this PR does not affect any public API so no need to change the documentation.

@jbampton jbampton requested a review from jiayuasu as a code owner June 20, 2026 12:17
@jbampton jbampton added the github_actions (Pull requests that update GitHub Actions code) and security labels Jun 20, 2026
@jbampton jbampton added this to the sedona-1.9.1 milestone Jun 20, 2026
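
A check for the property this PR is about, as an added example that is not part of the PR or of the Sedona repository: it scans workflow text for `uses:` references that are not pinned to a full 40-character commit SHA (or, for `docker://` images, a sha256 digest). The sample workflow, the `example-org` action names and the SHA in it are constructed.

```python
import re

# Value of a step-level or job-level `uses:` key, without a trailing comment.
USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*(?P<value>[^#\n]+?)\s*(?:#.*)?$")
FULL_SHA_RE = re.compile(r"[0-9a-f]{40}")
DIGEST_RE = re.compile(r"sha256:[0-9a-f]{64}")
# Constructed sample workflow; the example-org names and the SHA are made up.
SAMPLE = """\
jobs:
  build:
    steps:
      - uses: example-org/checkout@0123456789abcdef0123456789abcdef01234567 # v1.2.3
      - uses: example-org/setup-tool@v2
      - uses: example-org/lint@abc1234
      - uses: ./.github/actions/local-step
      - uses: docker://example/image:latest
  call:
    uses: example-org/shared/.github/workflows/ci.yml@main
"""

def classify(raw):
    """Return (status, reason) for the value of one `uses:` key."""
    value = raw.strip().strip("'\"")
    if value.startswith(("./", "../")):
        return "local", "action lives in this repository"
    if value.startswith("docker://"):
        image = value[len("docker://"):]
        if "@" in image and DIGEST_RE.fullmatch(image.rsplit("@", 1)[1]):
            return "pinned", "image digest"
        return "unpinned", "docker image referenced by a mutable tag"
    if "@" not in value:
        return "unpinned", "no ref given"
    ref = value.rsplit("@", 1)[1]
    if FULL_SHA_RE.fullmatch(ref):
        return "pinned", "full commit SHA"
    if re.fullmatch(r"[0-9a-f]{7,39}", ref):
        return "unpinned", "short hex ref, not a full 40-character commit SHA"
    return "unpinned", "tag or branch '%s' can be moved" % ref

def audit_workflow(text):
    """List (line number, value, reason) for every unpinned `uses:` reference."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        match = USES_RE.match(line)
        if match:
            status, reason = classify(match.group("value"))
            if status == "unpinned":
                findings.append((lineno, match.group("value"), reason))
    return findings
```

Run over the sample, `audit_workflow(SAMPLE)` reports the tag, the abbreviated hex ref, the `:latest` image and the reusable workflow on `main`, and passes the full-SHA and local references.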