Skip to content

Fix codeql-action tags after #4335#4387

Merged
dimas-b merged 1 commit into
apache:mainfrom
dimas-b:fix-codeql-action-tag
May 8, 2026
Merged

Fix codeql-action tags after #4335#4387
dimas-b merged 1 commit into
apache:mainfrom
dimas-b:fix-codeql-action-tag

Conversation

@dimas-b
Copy link
Copy Markdown
Contributor

@dimas-b dimas-b commented May 7, 2026
edited
Loading

Cf. #4326 (comment)

From Zizmor output in CI:

Warning: ci-security.yml:73: action's hash pin has mismatched or missing version comment: points to commit 68bde559dea0
Warning: ci-security.yml:78: action's hash pin has mismatched or missing version comment: points to commit 68bde559dea0
Warning: ci.yml:276: action's hash pin has mismatched or missing version comment: points to commit 68bde559dea0

Checklist

  • 🛡️ Don't disclose security issues! (contact security@apache.org)
  • 🔗 Clearly explained why the changes are needed, or linked related issues: Fixes #
  • 🧪 Added/updated tests with good coverage, or manually tested (and explained how)
  • 💡 Added comments for complex logic
  • 🧾 Updated CHANGELOG.md (if needed)
  • 📚 Updated documentation in site/content/in-dev/unreleased (if needed)

@dimas-b @obelix74
Fix codeql-action tags after apache#4335
a7c4658 
Cf. apache#4326 (comment)

Co-authored-by: Anand K Sankaran <lists@anands.net>
@github-project-automation github-project-automation Bot moved this to PRs In Progress in Basic Kanban Board May 7, 2026
@dimas-b dimas-b mentioned this pull request May 7, 2026
Merged
6 tasks
@dimas-b dimas-b mentioned this pull request May 7, 2026
Merged
6 tasks
flyrain
flyrain approved these changes May 7, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@flyrain flyrain left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the fix. BTW, what's wrong with #4335?

@github-project-automation github-project-automation Bot moved this from PRs In Progress to Ready to merge in Basic Kanban Board May 7, 2026
@dimas-b
Copy link
Copy Markdown
Contributor Author

dimas-b commented May 8, 2026
edited
Loading

#4335 did not update tags in comments - which is what Zizmor validates. IDK why it passed CI :)

@dimas-b dimas-b merged commit c753509 into apache:main May 8, 2026
23 checks passed
@dimas-b dimas-b deleted the fix-codeql-action-tag branch May 8, 2026 00:01
@github-project-automation github-project-automation Bot moved this from Ready to merge to Done in Basic Kanban Board May 8, 2026
@flyrain
Copy link
Copy Markdown
Contributor

flyrain commented May 8, 2026

Got it, thanks for the explanation, @dimas-b ! It's a bit weird it failed on a wrong comment.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@flyrain flyrain flyrain approved these changes

+1 more reviewer

@obelix74 obelix74 obelix74 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@dimas-b @flyrain @obelix74