ci: update lock threads action#1092
Conversation
📝 WalkthroughWalkthroughThis PR updates the GitHub Actions workflow to pin the ChangesGitHub Workflow Configuration
Estimated code review effort🎯 1 (Trivial) | ⏱️ ~2 minutes Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @.github/workflows/lock.yml:
- Around line 19-20: Update the inline comment for the pinned GitHub Action so
it includes the release tag in addition to the commit SHA: change the comment
that currently reads "dessant/lock-threads pinned to commit
89ae32b08ed1a541efecbab17912962a5e38981c" to mention the corresponding
tag/release v6.0.2 (e.g., "dessant/lock-threads v6.0.2 pinned to commit
89ae32b08ed1a541efecbab17912962a5e38981c") so future maintainers can see the
release version while the action remains pinned to that commit.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: ASSERTIVE
Plan: Pro
Run ID: 69ffa5ba-5850-403b-9f7c-84c5f36e1f7c
📒 Files selected for processing (1)
.github/workflows/lock.yml
| # dessant/lock-threads pinned to commit 89ae32b08ed1a541efecbab17912962a5e38981c | ||
| - uses: dessant/lock-threads@89ae32b08ed1a541efecbab17912962a5e38981c |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
# Verify the dessant/lock-threads commit SHA and version
# Check if the commit exists and get its details
echo "=== Verifying commit SHA ==="
gh api repos/dessant/lock-threads/commits/89ae32b08ed1a541efecbab17912962a5e38981c --jq '{sha: .sha, date: .commit.committer.date, message: .commit.message}' 2>&1
# Check what tags contain this commit
echo -e "\n=== Tags containing this commit ==="
gh api repos/dessant/lock-threads/tags --jq '.[] | select(.commit.sha == "89ae32b08ed1a541efecbab17912962a5e38981c") | {name: .name, sha: .commit.sha}'
# Get the latest release
echo -e "\n=== Latest release ==="
gh api repos/dessant/lock-threads/releases/latest --jq '{tag: .tag_name, published: .published_at, name: .name}'
# Check for security advisories
echo -e "\n=== Security advisories ==="
gh api graphql -f query='
{
repository(owner: "dessant", name: "lock-threads") {
vulnerabilityAlerts(first: 5) {
nodes {
securityVulnerability {
advisory {
summary
severity
}
}
}
}
}
}'Repository: final-form/react-final-form
Length of output: 563
Document the pinned dessant/lock-threads version in the comment (v6.0.2)
The pinned commit 89ae32b08ed1a541efecbab17912962a5e38981c corresponds to dessant/lock-threads tag v6 / release v6.0.2 (no GitHub vulnerability alerts are reported). Update the line 19 comment to include v6.0.2 (not just the commit SHA) for easier maintenance/upgrade tracking.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In @.github/workflows/lock.yml around lines 19 - 20, Update the inline comment
for the pinned GitHub Action so it includes the release tag in addition to the
commit SHA: change the comment that currently reads "dessant/lock-threads pinned
to commit 89ae32b08ed1a541efecbab17912962a5e38981c" to mention the corresponding
tag/release v6.0.2 (e.g., "dessant/lock-threads v6.0.2 pinned to commit
89ae32b08ed1a541efecbab17912962a5e38981c") so future maintainers can see the
release version while the action remains pinned to that commit.
Summary
Test Plan
Summary by CodeRabbit