mirror of
https://github.com/fluxcd/flux2.git
synced 2026-02-08 00:37:27 +00:00
The main benefit of pinning GitHub actions is the determinism it brings in terms of what version of a given action will be executed. This is a step towards having hermetic builds. Once pinned to a commit, dependabot will automatically issue PRs to update to newer versions. Pinned versions is the only security metric from OpenSSF scorecard for which this repository currently has a zero score.

Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
9 lines
191 B
YAML
version: 2

updates:
  - package-ecosystem: "github-actions"
    directory: "/"
    labels: ["area/build"]
    schedule:
      # by default this will be on a monday.
      interval: "weekly"