Skip to content

Change all tags from workflows to pinned SHAs#536

Draft
RyanH-STFC wants to merge 1 commit intomainfrom
change-tag-to-sha
Draft

Change all tags from workflows to pinned SHAs#536
RyanH-STFC wants to merge 1 commit intomainfrom
change-tag-to-sha

Conversation

@RyanH-STFC
Copy link
Copy Markdown
Contributor

@RyanH-STFC RyanH-STFC commented Apr 22, 2026

  • Change all of the tags in the repo to pinned SHAs as it is best practice as a defence against supply chain attacks

Description:

Special Notes:

Submitter:

Have you:

  • Labelled this PR, e.g. bug, deployment, enhancement ...etc.
  • A deployment can be reviewed, and merged, by a single reviewer.
  • It can only be used to deploy, change, or remove clusters based on existing patterns for staging.
  • Anything involving prod, or production facing services must use the normal 2 person review.
  • All other PR types require the usual PR process (e.g. 2 person).

Reviewer

Have you:

  • Verified this PR uses the correct label(s) based on the rules above?
  • Checked if this could affect production (e.g. a global value that's changed without an override)?
  • Tested setting this up, if it's not a deployment, to verify it can be redeployed with any documentation if appropriate?

@RyanH-STFC
Change all tags from workflows to pinned SHAs
0e7c2e2 
- Change all of the tags in the repo to pinned SHAs as it is best
  practice as a defence against supply chain attacks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@RyanH-STFC