Skip to content

Commit

Permalink
Check that dependencies don't include unmerged commits
Browse files Browse the repository at this point in the history
This ensures that the project doesn't end up depending on commits that
aren't present in the corresponding branch of the dependency. This is
useful to prevent merging with pre-rebase commits from cross-project
changes; it also ensures that malicious commits from forks can't end
up references in the main projects.

Signed-off-by: Stephen Kitt <[email protected]>
  • Loading branch information
skitt authored and tpantelis committed Nov 18, 2024
1 parent 68f3758 commit 580c5ef
Showing 1 changed file with 9 additions and 0 deletions.
9 changes: 9 additions & 0 deletions .github/workflows/linting.yml
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,15 @@ jobs:
flags: 'i'
error: 'Fixup commits should be squashed into the commits under review'

check-branch-dependencies:
name: Check branch dependencies
runs-on: ubuntu-latest
steps:
- name: Check out the repository
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
- name: Check that no dependencies include unmerged commits
run: make check-non-release-versions

gitlint:
name: Commit Message(s)
runs-on: ubuntu-latest
Expand Down

0 comments on commit 580c5ef

Please sign in to comment.