chore: pin actions to commit SHAs and add Skills section to CLAUDE.md

Pin all GitHub Actions to commit SHAs instead of mutable version tags
across ci.yml, release.yml, maintenance.yml, and all reusable workflows.
This prevents supply-chain attacks via tag hijacking.

Add the required Skills section to CLAUDE.md mapping project files
(README.md, .github/workflows/*.yml) to their respective review skills.
Andriy Kalashnykov
2026-03-29 17:16:56 -04:00
parent 527c79350c
commit 46f37ae4fb
7 changed files with 40 additions and 29 deletions

@@ -23,7 +23,7 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
with:
fetch-depth: 0
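Review bot: On the new `uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4` line, the trailing comment names only the moving major tag, so nothing in the file records which release this SHA was resolved from. Suggest putting the exact release tag (the full vX.Y.Z) in the comment instead of `# v4`. That lets a reviewer check the pin against the upstream tag, and lets update tooling such as Dependabot keep the comment in step when it bumps the SHA. The same convention should apply to the other pinned `uses:` lines this commit touches.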