Skip to content

DT-2276: Update version references to hashes #2682

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
rushtong merged 3 commits into from
Sep 25, 2025
Merged

DT-2276: Update version references to hashes #2682

rushtong merged 3 commits into from
Sep 25, 2025

Conversation

@rushtong
Copy link
Contributor

@rushtong rushtong commented Sep 25, 2025
edited
Loading

Addresses

https://broadworkbench.atlassian.net/browse/DT-2276

Summary

Updates version references to exact hashes for the following GHAs:

This addresses a Sonar warning that calls this out as a security hotspot: https://sonarcloud.io/organizations/broad-databiosphere/rules?open=githubactions%3AS7637&rule_key=githubactions%3AS7637

Have you read CONTRIBUTING.md lately? If not, do that first.

  • Label PR with a Jira ticket number and include a link to the ticket
  • Label PR with a security risk modifier [no, low, medium, high]
  • PR describes scope of changes
  • Get a minimum of one thumbs worth of review, preferably two if enough team members are available
  • Get PO sign-off for all non-trivial UI or workflow changes
  • Verify all tests go green
  • Test this change deployed correctly and works on dev environment after deployment

@sonarqubecloud
Copy link

sonarqubecloud bot commented Sep 25, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@rushtong rushtong marked this pull request as ready for review September 25, 2025 17:27
@rushtong rushtong requested a review from a team as a code owner September 25, 2025 17:27
@rushtong rushtong requested review from fboulnois and otchet-broad and removed request for a team September 25, 2025 17:27
@rushtong rushtong merged commit e14da4b into develop Sep 25, 2025
16 checks passed
@rushtong rushtong deleted the gr-DT-2276-reference-hash branch September 25, 2025 20:02
rushtong added a commit that referenced this pull request Sep 25, 2025
@rushtong
Revert "DT-2276: Update version references to hashes (#2682)"
494ace5 
This reverts commit e14da4b.
@rushtong rushtong mentioned this pull request Sep 25, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@fboulnois fboulnois fboulnois approved these changes

@kevinmarete kevinmarete kevinmarete approved these changes

@otchet-broad otchet-broad Awaiting requested review from otchet-broad otchet-broad is a code owner automatically assigned from DataBiosphere/dsp-data-team-eng

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@rushtong @fboulnois @kevinmarete