Notice: Future Deprecation of setup-bin
We are considering deprecating this action in the future.
Rationale:
- Due to the increasing prevalence of supply chain attacks, we cannot recommend using
setup-bin going forward.
- The current approach makes the process of updating binaries and tracking CVE status more opaque.
- The URLs used to fetch binaries can change at any time, and this action does not enforce SHA256 (or similar) checksums, increasing the risk that supplied binaries could be altered or compromised without detection.
Notice: Future Deprecation of
setup-binWe are considering deprecating this action in the future.
Rationale:
setup-bingoing forward.