github: update codespell action to v2.1 in workflow #4205
Conversation
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting
.github/workflows/codespell.yml
Outdated
| - name: Codespell | ||
| uses: codespell-project/actions-codespell@406322ec52dd7b488e48c1c4b82e2a8b3a1bf630 # v2 | ||
| uses: codespell-project/actions-codespell@v2.1 # v2 |
There was a problem hiding this comment.
This step previously used the full commit SHA for codespell-project/actions-codespell, which protects the workflow from supply-chain tampering and guarantees reproducible runs. Swapping it to the mutable tag @v2.1 means any future retag or force-push to that tag will silently alter the action’s behavior for every run. To maintain the same security posture as before, the reference should stay pinned to the release’s commit hash (the SHA corresponding to v2.1) rather than a floating tag.
Useful? React with 👍 / 👎.
.github/workflows/codespell.yml
Outdated
| uses: codespell-project/codespell-problem-matcher@b80729f885d32f78a716c2f107b4db1025001c42 # v1 | ||
| - name: Codespell | ||
| uses: codespell-project/actions-codespell@406322ec52dd7b488e48c1c4b82e2a8b3a1bf630 # v2 | ||
| uses: codespell-project/actions-codespell@v2.1 # v2 |
There was a problem hiding this comment.
| uses: codespell-project/actions-codespell@v2.1 # v2 | |
| uses: codespell-project/actions-codespell@406322ec52dd7b488e48c1c4b82e2a8b3a1bf630 # v2.1 |
Old version fails to find python 3.8 docker image