Skip to content

hotfix: add version for CI action#49

Merged
narenaryan merged 1 commit into
mainfrom
hotfix/pin-scharf-version
May 20, 2026
Merged

hotfix: add version for CI action#49
narenaryan merged 1 commit into
mainfrom
hotfix/pin-scharf-version

Conversation

@narenaryan

@narenaryan narenaryan commented May 20, 2026

Copy link
Copy Markdown
Contributor

Description

Fix version for unittests to pass on merge

@narenaryan narenaryan self-assigned this May 20, 2026
@narenaryan narenaryan merged commit c8d7818 into main May 20, 2026
2 checks passed
@narenaryan narenaryan deleted the hotfix/pin-scharf-version branch May 20, 2026 04:27
@greptile-apps

greptile-apps Bot commented May 20, 2026

Copy link
Copy Markdown
Contributor

Confidence Score: 5/5

Safe to merge — the change is a one-line env var addition that pins the scharf binary version in an audit step, with no impact on application or test logic.

The only change is injecting SCHARF_VERSION=v1.3.1 into the audit step environment. It does not alter any Go source, test code, or other workflow steps, and the risk surface is limited to the CI pipeline itself.

No files require special attention; .github/workflows/ci.yml has a minor style inconsistency (missing version comment on the scharf-action SHA) but nothing that affects correctness.

Important Files Changed

Filename Overview
.github/workflows/ci.yml Adds SCHARF_VERSION=v1.3.1 env var to the scharf-action audit step to pin the binary version used during CI runs

Sequence Diagram

sequenceDiagram
    participant GH as GitHub Actions Runner
    participant Checkout as actions/checkout
    participant ScharfAction as cybrota/scharf-action
    participant SetupGo as actions/setup-go
    participant Tests as go test ./...

    GH->>Checkout: Checkout repository (SHA-pinned)
    GH->>ScharfAction: "Audit GitHub Actions (env: SCHARF_VERSION=v1.3.1)"
    ScharfAction-->>GH: raise-error: true (fail if audit fails)
    GH->>SetupGo: "Set up Go >= 1.24 (SHA-pinned)"
    GH->>Tests: "go mod download && go test ./..."
Loading

Reviews (1): Last reviewed commit: "fix: add version for CI action" | Re-trigger Greptile

greptile-apps[bot]
greptile-apps Bot reviewed May 20, 2026
View reviewed changes
Comment thread .github/workflows/ci.yml
@@ -18,6 +18,8 @@ jobs:

- name: Audit GitHub actions
uses: cybrota/scharf-action@c0d0eb13ca383e5a3ec947d754f61c9e61fab5ba

@greptile-apps greptile-apps Bot May 20, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 The cybrota/scharf-action step is pinned to a commit SHA but has no inline version comment, unlike the two other action steps which both carry a # vX.Y.Z annotation. Adding the comment makes it easy to cross-check the SHA against a known release tag at a glance without having to look it up in the remote repository.

Suggested change
uses: cybrota/scharf-action@c0d0eb13ca383e5a3ec947d754f61c9e61fab5ba
uses: cybrota/scharf-action@c0d0eb13ca383e5a3ec947d754f61c9e61fab5ba # vX.Y.Z

Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

Assignees

@narenaryan narenaryan

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@narenaryan