Richard Zowalla created TOMEE-4496:
--------------------------------------
Summary: Convert GH Action Tags into Pinned SHA
Key: TOMEE-4496
URL: https://issues.apache.org/jira/browse/TOMEE-4496
Project: TomEE
Issue Type: Task
Reporter: Richard Zowalla
Infra is getting ready to actually enforce the policy that external GitHub
actions must be specified by git hash
([https://infra.apache.org/github-actions-policy.html]). The allowlist can be
found at
[https://github.com/apache/infrastructure-actions/blob/main/actions.yml] and as
you can see there the tags and whitelist are tentatively scheduled to expire
2025-08-01
[https://github.com/eclipse-csi/octopin/] can be used for converting
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
