jbampton commented on code in PR #1982:
URL: https://github.com/apache/sedona/pull/1982#discussion_r2163297273
##########
.github/workflows/r.yml:
##########
@@ -81,20 +81,20 @@ jobs:
sudo apt-get -y remove --purge default-jdk adoptopenjdk-11-hotspot
|| :
shell: bash
- uses: actions/checkout@v4
- - uses: r-lib/actions/[email protected]
+ - uses: r-lib/actions/setup-r@bd49c52ffe281809afa6f0fecbf37483c5dd0b93
Review Comment:
> Hi @jiayuasu Sir, I'm currently facing some lint issues related to GitHub
Actions. One of the errors is error[unpinned-uses], which occurs when actions
are referenced using tags like @v2.11.3. To fix this, I tried using the full
commit SHA instead, since the linter requires pinning to a specific version
hash for security.
>
> Would you mind helping me with the correct way to handle this? I just want
to make sure I'm following the project's guidelines properly.
>
> Thank you!
Hello @Aashish-Jha-11 you can use a config file to ignore some audit rules
https://docs.zizmor.sh/configuration/
Read up on the rules here:
https://docs.zizmor.sh/audits/
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
