@PragmaTwice
Member

Request for adding a new GitHub Action to the allow list

Overview

Name of action: vmactions/freebsd-vm

URL of action: https://github.com/vmactions/freebsd-vm

Version to pin to (hash only):

05856381fab64eeee9b038a0818f6cec649ca17a

vmactions/freebsd-vm@0585638

Permissions

None.

Related Actions

None.

Checklist

You should be able to check most of these boxes for an action to be considered for review.
Please check all boxes that currently apply:

  • The action is listed in the GitHub Actions Marketplace
  • The action is not already on the list of approved actions
  • The action has a sufficient number of contributors or has contributors within the ASF community
  • The action has a clearly defined license
  • The action is actively developed or maintained
  • The action has CI/unit tests configured

Signed-off-by: Twice <twice@apache.org>
Member

@assignUser assignUser left a comment

The tag matches.

My problem with this Action is that it appears like the entire 'vmactions' org is maintained by a single person with some additional contributions in select repos. That doesn't really fit our criteria. But I also see that this action is without any real alternatives and actively maintained.

@PragmaTwice I will not allow list this action with the workflow in the current state. Minimize permissions of the GITHUB_TOKEN of the job using: (this should be the default for ALL jobs)

permissions:
  contents: read
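
Added example, not part of this thread and not ASF infrastructure tooling: a small Python check for the two conditions discussed in this request, that each `uses:` reference is pinned to a full 40-character commit SHA and that each job declares `permissions:` (or the workflow sets it at top level). The function name `audit_workflow`, the sample workflow and its job names are constructed; the line-based parsing assumes consistently indented, block-style YAML.

```python
import re
USES = re.compile(r"^(?:-\s*)?uses:\s*['\"]?([^'\"\s#]+)")

def audit_workflow(text):
    """Return findings: unpinned actions and jobs lacking a permissions block."""
    findings, jobs = [], {}          # jobs: id -> has its own permissions key
    workflow_perms = in_jobs = False
    job = job_indent = child_indent = None
    for raw in text.splitlines():
        body = raw.strip()
        if not body or body.startswith("#"):
            continue
        indent = len(raw) - len(raw.lstrip())
        if indent == 0:                       # top-level key
            in_jobs = body.startswith("jobs:")
            workflow_perms |= body.startswith("permissions:")
            continue
        if in_jobs:
            job_indent = job_indent or indent
            if indent == job_indent:          # job id line
                job, child_indent = body.rstrip(":"), None
                jobs[job] = False
                continue
            child_indent = child_indent or indent
            if indent == child_indent and body.startswith("permissions:"):
                jobs[job] = True
        m = USES.match(body)
        if m and not m.group(1).startswith(("./", "docker://")):
            if not re.fullmatch(r"[0-9a-f]{40}", m.group(1).partition("@")[2]):
                findings.append(f"{job}: {m.group(1)} is not pinned to a full commit SHA")
    if not workflow_perms:
        findings += [f"{j}: no permissions block" for j, ok in jobs.items() if not ok]
    return findings

# Constructed sample workflow; job names are made up for this example.
SAMPLE = """\
on: [push]
jobs:
  freebsd-short:
    runs-on: ubuntu-latest
    steps:
      - uses: vmactions/freebsd-vm@0585638
  freebsd-pinned:
    runs-on: ubuntu-latest
    permissions:
      contents: read
    steps:
      - uses: vmactions/freebsd-vm@05856381fab64eeee9b038a0818f6cec649ca17a
"""
```

Calling `audit_workflow(SAMPLE)` reports the first job twice (abbreviated hash, no `permissions:` block) and nothing for the second.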

@PragmaTwice
Member Author

I will not allow list this action with the workflow in the current state. Minimize permissions of the GITHUB_TOKEN of the job using: (this should be the default for ALL jobs)

Done in apache/kvrocks@a5ca028.

@assignUser assignUser merged commit 6d61a14 into apache:main Aug 30, 2025
5 checks passed
@raboof
Member

raboof commented Dec 28, 2025

I will not allow list this action with the workflow in the current state. Minimize permissions of the GITHUB_TOKEN of the job using: (this should be the default for ALL jobs)

Done in apache/kvrocks@a5ca028.

It seems that commit doesn't appear (or no longer appears) in the kvrocks repository. Is this action still needed?

@PragmaTwice
Member Author

The PR author closed the PR without next steps. apache/kvrocks#3141

raboof added a commit to raboof/infrastructure-actions that referenced this pull request Dec 29, 2025
it was not used after all, see apache#274