Fix potential github action smells
ceddy4395 opened this issue Β· comments
Cedric commented
Describe the bug
Hey! π
During my research I've found the following potential smells:
- Avoid executing scheduled workflows on forks
- Use names for run steps
- Define permissions for workflows with external actions
- Steps should only perform a single command
- Use commit hash instead of tags for action versions
I'll fix them in a PR and would love to hear your feedback!
These changes are part of a research Study at TU Delft looking at GitHub Action Smells. Find out more
Reproduction
No response
Expected behavior
No response
Platform and versions
Github actions
Stack trace
No response
Additional context
No response