Problem
Dependabot PR #7757 (chore(deps): bump the third-party-actions group with 2 updates) fails the asf-allowlist-check job.
The bump pins rust-lang/crates-io-auth-action to a new commit SHA used in .github/workflows/release_rust.yml:
rust-lang/crates-io-auth-action@c6f97d42243bad5fab37ca0427f495c86d5b1a18
This SHA is not yet on the ASF GitHub Actions allowlist, so asf-allowlist-check exits non-zero and blocks the PR. This is an ASF INFRA-side requirement, not a problem with the bump itself: the new action revision must be added to the allowlist in apache/infrastructure-actions (allowlist-check/actions.yml) before the PR can pass CI and merge.
The other action in the same group, rubygems/release-gem@052cc82692552de3ef2b81fd670e41d13cba8092, is already allowlisted and is not flagged.
Action needed
Add to the ASF allowlist via apache/infrastructure-actions:
rust-lang/crates-io-auth-action@c6f97d42243bad5fab37ca0427f495c86d5b1a18
Once allowlisted, re-run CI on #7757 and merge.
Problem
Dependabot PR #7757 (
chore(deps): bump the third-party-actions group with 2 updates) fails theasf-allowlist-checkjob.The bump pins
rust-lang/crates-io-auth-actionto a new commit SHA used in.github/workflows/release_rust.yml:rust-lang/crates-io-auth-action@c6f97d42243bad5fab37ca0427f495c86d5b1a18This SHA is not yet on the ASF GitHub Actions allowlist, so
asf-allowlist-checkexits non-zero and blocks the PR. This is an ASF INFRA-side requirement, not a problem with the bump itself: the new action revision must be added to the allowlist inapache/infrastructure-actions(allowlist-check/actions.yml) before the PR can pass CI and merge.The other action in the same group,
rubygems/release-gem@052cc82692552de3ef2b81fd670e41d13cba8092, is already allowlisted and is not flagged.Action needed
Add to the ASF allowlist via
apache/infrastructure-actions:rust-lang/crates-io-auth-action@c6f97d42243bad5fab37ca0427f495c86d5b1a18Once allowlisted, re-run CI on #7757 and merge.