ci: pin feature-ideation-reusable.yml to SHA (action pinning compliance)#183
ci: pin feature-ideation-reusable.yml to SHA (action pinning compliance)#183
Conversation
…iance Pin `petry-projects/.github/.github/workflows/feature-ideation-reusable.yml` from `@v1` to `@208ec2d69b75227d375edf8745d84fbac05a76b2` (v1) per the action-pinning policy. Also sync the missing `dry_run` input and `with` param from the upstream standards template. Closes #159 Co-authored-by: don-petry <don-petry@users.noreply.github.com>
|
@don-petry — you're the code owner for this repo. PR #183 is ready for your review and merge. |
|
|
Warning Rate limit exceeded
Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 45 minutes and 31 seconds. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (1)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Pull request overview
Updates the Feature Ideation workflow stub to comply with the org action-pinning policy and to align inputs with the upstream reusable workflow template.
Changes:
- Pin the reusable workflow reference from
@v1to a full commit SHA. - Add a
dry_runworkflow_dispatchinput and pass it through to the reusable workflow.
Automated review — APPROVEDRisk: LOW SummarySingle-file CI workflow change that pins a reusable workflow reference from a mutable tag (@v1) to a pinned SHA, following the org's action-pinning policy (issue #159). A dry_run boolean input is also added to sync with the upstream reusable workflow template. All CI gates pass (CodeQL, SonarCloud 0 issues/hotspots, build, tests, AgentShield) and the change is a net security improvement. FindingsInfo
CI statusAll status checks pass (CodeQL, SonarCloud 0 new issues/hotspots, build-and-test, Node.js Tests, Playwright UI Tests, Dependency audit, AgentShield, Coverage). Reviewed by the don-petry PR-review cascade (triage: haiku 4.5 → deep: sonnet 4.6 + duck: gpt-5.4 → audit: opus 4.6). Reply with |
Summary
petry-projects/.github/.github/workflows/feature-ideation-reusable.ymlfrom@v1to@208ec2d69b75227d375edf8745d84fbac05a76b2(v1) per the action-pinning policydry_runworkflow_dispatch input and correspondingwithparameter from the upstream standards templateChanges
.github/workflows/feature-ideation.yml: pin reusable workflow call to SHA, adddry_runinputCloses #159
Generated with Claude Code