Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Provide guidance for consuming the action using a fixed reference #41

Open
samkearney opened this issue Nov 14, 2023 · 1 comment
Open

Provide guidance for consuming the action using a fixed reference #41

samkearney opened this issue Nov 14, 2023 · 1 comment

Comments

@samkearney
Copy link

samkearney commented Nov 14, 2023
edited
Loading

Hello,

As mentioned in the GitHub documentation, best practice for consuming third-party actions is to use a fixed reference such as a tag or SHA. The current README documentation shows this action being consumed @master, which is not ideal from a stability perspective.

I would request one of the following:

(a) Implement release management using tags as described in the GitHub docs linked above. Since it seems like this action is rarely updated, this could be as simple as adding a v1 and v1.0.0 tags pointing at the latest commit on master. Then update the README documentation to show the action being consumed using cloudsmith-io/action@v1 instead of cloudsmith-io/action@master.

(b) Update the README documentation to show consumption via a SHA, e.g. cloudsmith-io/action@04d1b7d955cd82529987396158a17fae4faa4d54

Thanks for considering.
@nickxn
Copy link

nickxn commented Jun 24, 2024

Thanks for the suggestion @samkearney ! I'll feed it back to our engineering team to consider the update.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nickxn @samkearney