Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
tomeraberbach
9 days ago
|
parent
|
context
|
favorite
| on:
Gh-actions-lockfile: generate and verify lockfiles...
Mildly ironic that the quickstart suggests starting with an unpinned action
gjtorikian/gh-actions-lockfile@v1
Presumably since it has to run first it must run unpinned?
Elucalidavah
9 days ago
[–]
Arguably, that's exactly the one action that will need to be hash-pinned, since all the consecutive actions will at least be verified against the lockfile.
reply
tomeraberbach
9 days ago
|
parent
[–]
Right, completely agree! By "must run unpinned" I meant "no way it can make itself run pinned, since it's already running"
reply
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
gjtorikian/gh-actions-lockfile@v1
Presumably since it has to run first it must run unpinned?