Y
Hacker News
new
|
ask
|
show
|
jobs
by
tomeraberbach
174 days ago
Mildly ironic that the quickstart suggests starting with an unpinned action
gjtorikian/gh-actions-lockfile@v1
Presumably since it has to run first it must run unpinned?
1 comments
Elucalidavah
174 days ago
Arguably, that's exactly the one action that will need to be hash-pinned, since all the consecutive actions will at least be verified against the lockfile.
link
tomeraberbach
173 days ago
Right, completely agree! By "must run unpinned" I meant "no way it can make itself run pinned, since it's already running"
link