[openstreetmap/openstreetmap-website] Lock GitHub Actions dependencies to SHAs for security and predictability (PR #6332)
Tom Hughes
notifications at github.com
Mon Aug 18 22:01:31 UTC 2025
tomhughes left a comment (openstreetmap/openstreetmap-website#6332)
I see the PR that @Firefishy pointed at says GitHub recommend this... Does anybody have a pointer to that?
I'm sure we probably should do it but the ugliness makes me sad :disappointed:
--
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/6332#issuecomment-3198556567
You are receiving this because you are subscribed to this thread.
Message ID: <openstreetmap/openstreetmap-website/pull/6332/c3198556567 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20250818/9eff3146/attachment.htm>
More information about the rails-dev
mailing list