[TASK] Harden GitHub Actions #636
Walkthrough
The PR hardens GitHub Actions workflows by declaring explicit permissions blocks and disabling checkout credential persistence across three workflows. It adds Zizmor security scanning to the cgl workflow and modernizes the release workflow by introducing a shared environment variable for tag handling, updating caching strategies, and replacing the release-action action with a native gh CLI release command.
Changes
Workflow Security and Release Modernization
🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
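The hardening measures listed in the walkthrough above, shown as an added example that is not taken from this PR or the project's workflows. The workflow name, trigger, job name and the `TAG` variable name are assumptions made for illustration.

```yaml
# Constructed example: a hardened release workflow, not the PR's actual files.
name: release
on:
  push:
    tags: ["v*"]

# Deny by default. Without a permissions block, GITHUB_TOKEN receives the
# repository or organization default, which can be read/write on many scopes.
permissions: {}

env:
  # Shared tag variable. Reading "$TAG" in the shell keeps the ref name out of
  # the script text; an inline ${{ github.ref_name }} inside run: is expanded
  # into the script before the shell parses it.
  TAG: ${{ github.ref_name }}

jobs:
  release:
    runs-on: ubuntu-latest
    permissions:
      contents: write   # the only scope this job needs, to create the release
    steps:
      - uses: actions/checkout@v4   # pin to a full commit SHA in real use
        with:
          # The default is true, which leaves the token configured for git
          # and readable by every later step in the job.
          persist-credentials: false
      - name: Create release with the gh CLI
        env:
          GH_TOKEN: ${{ github.token }}   # gh reads its token from GH_TOKEN
        run: gh release create "$TAG" --title "$TAG" --generate-notes
```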
You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool. What Enabling Code Scanning Means:
For more information about GitHub Code Scanning, check out the documentation.
Coverage Report for CI Build 26122437111
Coverage remained the same at 90.01%
Uncovered Changes
No uncovered changes found.
Coverage Regressions
No coverage regressions found.
Coverage Stats
💛 - Coveralls
Actionable comments posted: 2
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 3246ddd0-7ce9-4bc2-9743-7653e7654f07
📒 Files selected for processing (3)
.github/workflows/cgl.yaml
.github/workflows/release.yaml
.github/workflows/tests.yaml
434c35e to 142b99e
Summary by CodeRabbit
Release Notes
Chores