Copilot commented on code in PR #835:
URL:
https://github.com/apache/incubator-seata-go/pull/835#discussion_r2263330591
##########
.github/workflows/integrate-test.yml:
##########
@@ -61,15 +61,23 @@ jobs:
restore-keys: |
${{ runner.os }}-go-
+ - name: Set up Docker
+ uses: docker/setup-buildx-action@v2
+
+ - name: Install Docker Compose
+ run: |
+ curl -L
"https://github.com/docker/compose/releases/download/v2.23.0/docker-compose-$(uname
-s)-$(uname -m)" -o /usr/local/bin/docker-compose
+ chmod +x /usr/local/bin/docker-compose
+ docker-compose --version
Review Comment:
Downloading and executing binaries from external URLs without checksum
verification poses a security risk. Consider using the official Docker Compose
action or verifying the downloaded binary's checksum.
```suggestion
- name: Set up Docker Compose
uses: docker/compose-action@v2
```
##########
.github/workflows/integrate-test.yml:
##########
@@ -37,14 +37,14 @@ jobs:
strategy:
matrix:
golang:
- - 1.18
+ - 1.20.0
Review Comment:
The Go version in the matrix should be '1.20' instead of '1.20.0' to match
the version used in the setup-go action on line 47 and maintain consistency
with the build.yml workflow.
```suggestion
- 1.20
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@seata.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscr...@seata.apache.org
For additional commands, e-mail: notifications-h...@seata.apache.org
