You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Group all GitHub Actions updates into a single larger pull (#79)
* Group all GitHub Actions updates into a single larger pull
Half of the currently open pull requests are generated by this tool.
It would be easier to review and merge if they were in a single PR.
GitHub Actions are only used at CI test-time, while most other dependencies are also used at runtime. This means that if the CI tests pass, maintainers have more confidence that the proposed changes will not break runtime.
GitHub Actions have very infrequent major version changes . `setup-python`, the most frequent, has only had five major upgrades in its lifetime.
When GitHub Actions are upgraded, it often happens in batches. The `pattern: *` proposed in this PR will consolidate all GHA updates into a single pull request to further reduce chattiness.
There is a tradeoff between supply chain security and chattiness. Given that we have a few GHAs that are updated rarely and usually in batches, and we are using `pattern: *` to ensure that ___there will only ever be a single GHA upgrade PR at a time___.
* [pre-commit.ci] auto fixes from pre-commit.com hooks
for more information, see https://pre-commit.ci
---------
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
![pre-commit-ci[bot]](https://avatars.githubusercontent.com/in/68672?v=4&size=40){kind=avatar}
0 commit comments