Re: [PR] ci: add typo checker [datafusion]

Tue, 12 Aug 2025 02:42:38 -0700 


findepi commented on code in PR #17135:
URL: https://github.com/apache/datafusion/pull/17135#discussion_r2269289677


##########
.github/workflows/rust.yml:
##########
@@ -781,3 +781,11 @@ jobs:
       - name: Check datafusion-proto
         working-directory: datafusion/proto
         run: cargo msrv --output-format json --log-target stdout verify
+  typos:
+    name: Spell Check with Typos
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        with:
+          persist-credentials: false
+      - uses: crate-ci/typos@master

Review Comment:
   Is this a 3rd party action maintained at https://github.com/crate-ci/typos?
   Is it already ASF approved?
   If yes, this _**must**_ pin to a particular commit hash.



##########
.github/workflows/rust.yml:
##########
@@ -781,3 +781,11 @@ jobs:
       - name: Check datafusion-proto
         working-directory: datafusion/proto
         run: cargo msrv --output-format json --log-target stdout verify
+  typos:
+    name: Spell Check with Typos
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        with:
+          persist-credentials: false

Review Comment:
   What is this for, and why this job is special?
   It seems no other jobs specify `persist-credentials`.



##########
.github/workflows/rust.yml:
##########
@@ -781,3 +781,11 @@ jobs:
       - name: Check datafusion-proto
         working-directory: datafusion/proto
         run: cargo msrv --output-format json --log-target stdout verify
+  typos:
+    name: Spell Check with Typos
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683

Review Comment:
   if "unversioned new commit." is something not released yet, then let's 
please use a tagged version
   
   See also 
https://github.com/apache/datafusion/pull/17046#discussion_r2259765923
   I believe there is no good reason to pin precise commits for GitHub's own 
internal actions such as `actions/checkout`.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to