Giters

zgosalvez / github-actions-ensure-sha-pinned-actions

A Github Action to ensure that actions are pinned to full length commit SHAs

Home Page:https://github.com/marketplace/actions/ensure-sha-pinned-actions

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Workflow file with multiple uses only shows first failure

leemeador opened this issue · comments

commented

Using this version:

        uses: zgosalvez/github-actions-ensure-sha-pinned-actions@v3.0.7

With these lines in among the steps of a workflow in .github/workflows

    steps:
      - id: files
        uses: jitterbit/get-changed-files@v1
        continue-on-error: true

    ... more stuff here without any 'uses" steps ...

      - name: Checkout Repo
        uses: actions/checkout@v4.1.1

shows this error:

.github/workflows/the-workflow.yaml
  Error:  jitterbit/get-changed-files@v1 is not pinned to a full length commit SHA.

And there is no mention of the checkout without a sha

commented

The current behavior is by-design, so I'm labeling this issue as an enhancement.