Skip to content

Pin marocchino/sticky-pull-request-comment action to a hash#7751

Merged
youknowone merged 1 commit into
RustPython:mainfrom
ShaharNaveh:pin-actions-lib-deps
May 1, 2026
Merged

Pin marocchino/sticky-pull-request-comment action to a hash#7751
youknowone merged 1 commit into
RustPython:mainfrom
ShaharNaveh:pin-actions-lib-deps

Conversation

@ShaharNaveh
Copy link
Copy Markdown
Contributor

@ShaharNaveh ShaharNaveh commented May 1, 2026
edited by coderabbitai Bot
Loading

Summary by CodeRabbit

  • Chores
    • Updated internal CI/CD workflow to use pinned dependency versions for improved stability and reproducibility.

@coderabbitai
Copy link
Copy Markdown
Contributor

coderabbitai Bot commented May 1, 2026
edited
Loading

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yml

Review profile: CHILL

Plan: Pro

Run ID: 24c6a238-8271-47a5-a24d-e92cfbfbb0ed

📥 Commits

Reviewing files that changed from the base of the PR and between e79df4a and d2e1760.

📒 Files selected for processing (1)
  • .github/workflows/lib-deps-check.yaml
📝 Walkthrough

Walkthrough

GitHub Actions workflow updated to pin the marocchino/sticky-pull-request-comment action to a specific commit SHA instead of the floating v3 tag, enhancing reproducibility and security in the dependency management workflow.

Changes

Cohort / File(s) Summary
Workflow Dependency Pinning
.github/workflows/lib-deps-check.yaml		 Pinned marocchino/sticky-pull-request-comment action from floating v3 tag to commit SHA 0ea0beb66eb9baf113663a64ec522f60e49231c0 (v3.0.4) in both "Post comment" and "Remove comment if no Lib changes" steps.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Suggested reviewers

  • youknowone

Poem

🐰 A version floats free, but now it's pinned tight,
The SHA's locked in, everything working just right!
No surprises at dawn, no chaos at night,
Dependencies secured with cryptographic might! ✨

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately and concisely describes the main change: pinning a specific GitHub Action to a commit hash instead of a floating version tag.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
Review rate limit: 7/8 reviews remaining, refill in 7 minutes and 30 seconds.

Comment @coderabbitai help to get the list of available commands and usage tips.

@youknowone youknowone merged commit c027ffc into RustPython:main May 1, 2026
37 of 38 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@youknowone youknowone youknowone approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ShaharNaveh @youknowone