Skip to content
This repository has been archived by the owner on Jun 13, 2024. It is now read-only.

Pin actions to hash instead of version, also default all permissions … #700

Merged
merged 1 commit into from
May 28, 2022
Merged

Pin actions to hash instead of version, also default all permissions … #700

merged 1 commit into from
May 28, 2022

Conversation

drewroengoogle
Copy link
Contributor

@drewroengoogle drewroengoogle commented May 27, 2022
edited
Loading

Pins all actions to a specific hash, also defaults permissions to readonly. This resolves a significant amount of code scanning security vulnerabilities, such as:

Pre-launch Checklist

  • I read the Contributor Guide and followed the process outlined there for submitting PRs.
  • I read the Tree Hygiene wiki page, which explains my responsibilities.
  • I read the Flutter Style Guide recently, and have followed its advice.
  • I signed the CLA.
  • I listed at least one issue that this PR fixes in the description above.
  • I updated/added relevant documentation (doc comments with ///).
  • I added new tests to check the change I am making, or this PR is test-exempt.
  • All existing and new tests are passing.

If you need help, consider asking for advice on the #hackers-new channel on Discord.

@drewroengoogle drewroengoogle requested a review from godofredoc May 27, 2022 21:39
@godofredoc godofredoc merged commit 99da81e into flutter:main May 28, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@godofredoc godofredoc godofredoc approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@drewroengoogle @godofredoc