
Add extends property for GitHub Action digests #187

Merged: egguy merged 1 commit into main from add-action-pinning on Apr 8, 2026

egguy (Owner) commented Apr 8, 2026

Proposed Changes

Add action pinning to improve security

Related Issues

related to #177

Summary by CodeRabbit

  • Chores
    • Updated Renovate configuration to enhance GitHub Actions dependency management with improved digest pinning.

coderabbitai bot commented Apr 8, 2026

Caution: Review failed. Pull request was closed or merged during review.

No actionable comments were generated in the recent review. 🎉

📥 Commits

Reviewing files that changed from the base of the PR and between af3dab3 and b9c521f.

📒 Files selected for processing (1)
  • .github/renovate.json

📝 Walkthrough


The Renovate configuration is updated to include a helper that pins GitHub Action digests, enabling automatic management of action versions by their cryptographic hash rather than mutable tags.

Changes

| Cohort / File(s) | Summary |
|---|---|
| Renovate Configuration (.github/renovate.json) | Added helpers:pinGitHubActionDigests to the extends array to enable automatic pinning of GitHub Action digests. |

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

🐰 A digest so secure, pinned nice and tight,
GitHub Actions dance in cryptographic light,
No more mutable tags causing us fright—
Renovate's helper keeps versions locked right! 🔒✨

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)

| Check name | Status | Explanation |
|---|---|---|
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title accurately describes the main change: adding the extends property with helpers:pinGitHubActionDigests to the Renovate configuration for GitHub Action digest pinning. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |

egguy added labels Apr 8, 2026: enhancement (Enhancement of the code, not introducing new features.), dependencies (Upgrade or downgrade of project dependencies.)
egguy self-assigned this Apr 8, 2026
egguy merged commit 80be549 into main Apr 8, 2026
2 of 4 checks passed
github-actions bot locked and limited conversation to collaborators Apr 10, 2026
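
An added example, not part of this pull request or the project's code: a check that lists workflow `uses:` references still pointing at a mutable tag or branch instead of a full commit digest, which is the condition the digest pinning discussed in this thread is meant to remove. The function names and the sample workflow, including its 40-hex commit id, are constructed for illustration.

```python
import re

# Matches a step- or job-level `uses:` value; quotes and a trailing comment are tolerated.
USES_RE = re.compile(r"""^\s*(?:-\s*)?uses:\s*['"]?([^'"\s#]+)""")
FULL_SHA_RE = re.compile(r"[0-9a-f]{40}")
DOCKER_DIGEST_RE = re.compile(r"sha256:[0-9a-f]{64}")

# Constructed workflow; the 40-hex commit id is a made-up placeholder, not a real release.
SAMPLE_WORKFLOW = """\
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@0123456789abcdef0123456789abcdef01234567 # v5.0.0
      - uses: ./.github/actions/lint
      # - uses: actions/cache@v3
      - uses: docker://alpine:3.19
  release:
    uses: example-org/workflows/.github/workflows/release.yml@main
"""


def classify(ref: str) -> str:
    """Return 'local', 'pinned' or 'mutable'; only a full 40-hex commit id counts as pinned."""
    if ref.startswith("./"):
        return "local"  # action in the same repository, versioned with the workflow
    if ref.startswith("docker://"):
        digest = ref.rpartition("@")[2]
        return "pinned" if DOCKER_DIGEST_RE.fullmatch(digest) else "mutable"
    _, sep, version = ref.rpartition("@")
    return "pinned" if sep and FULL_SHA_RE.fullmatch(version) else "mutable"


def find_mutable_refs(workflow_text: str) -> list[tuple[int, str]]:
    """List (line number, reference) for every `uses:` that is not digest-pinned."""
    findings = []
    for lineno, line in enumerate(workflow_text.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue  # commented-out step
        match = USES_RE.match(line)
        if match and classify(match.group(1)) == "mutable":
            findings.append((lineno, match.group(1)))
    return findings


if __name__ == "__main__":
    print(find_mutable_refs(SAMPLE_WORKFLOW))
```

Run over the files under `.github/workflows/`, an empty result means every remote reference is already addressed by digest.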