Skip to content

[WIP] [WIP] Address feedback on action version pinning in security fix PR#17076

Closed
Copilot wants to merge 1 commit intosstoychev/pinning-repo-dispatchfrom
copilot/sub-pr-17075
Closed

[WIP] [WIP] Address feedback on action version pinning in security fix PR#17076
Copilot wants to merge 1 commit intosstoychev/pinning-repo-dispatchfrom
copilot/sub-pr-17075

Conversation

Copy link
Contributor

Copilot AI commented Mar 23, 2026

Thanks for the feedback on #17075. I've created this new PR, which merges into #17075, to address your comment. I will work on the changes and keep this PR's description up to date as I make progress.

Original PR: #17075
Triggering review: #17075 (comment)

@copilot , We are running under the assumption that steps under official github actions are supposed to be secure. Otherwise we'd have to SHA pin every single action which for every single yml will make everything a bit unwieldy.

🔒 GitHub Advanced Security automatically protects Copilot coding agent pull requests. You can protect all pull requests by enabling Advanced Security for your repositories. Learn more about Advanced Security.

Copilot AI mentioned this pull request Mar 23, 2026
Open
14 tasks
@ChronosSF ChronosSF closed this Mar 23, 2026
@ChronosSF ChronosSF deleted the copilot/sub-pr-17075 branch March 23, 2026 13:28
Copilot AI requested a review from ChronosSF March 23, 2026 13:28
Copilot stopped work on behalf of ChronosSF due to an error March 23, 2026 13:28
The session was cancelled by the user.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ChronosSF ChronosSF Awaiting requested review from ChronosSF

Assignees

@ChronosSF ChronosSF

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ChronosSF