Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: fixed the pinned dependencies issue #5396

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

fix: fixed the pinned dependencies issue #5396

wants to merge 1 commit into from

Conversation

harshitasao
Copy link

What this PR does / why we need it:
fixed the pinned dependencies issue reported by scorecard.

Which issue(s) this PR fixes:
Part of #5391

Special notes for your reviewer:
NONE

Does this PR introduce a user-facing change?:

NONE

@karmada-bot
Copy link
Collaborator

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign liangyuanpeng for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@karmada-bot karmada-bot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Aug 18, 2024
@harshitasao harshitasao mentioned this pull request Aug 18, 2024
Open
5 tasks
@codecov-commenter
Copy link

codecov-commenter commented Aug 18, 2024
edited
Loading

⚠️ Please install the 'codecov app svg image' to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 31.14%. Comparing base (2efe03f) to head (4c405fa).

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files 
@@           Coverage Diff           @@
##           master    #5396   +/-   ##
=======================================
  Coverage   31.14%   31.14%           
=======================================
  Files         640      640           
  Lines       44417    44417           
=======================================
+ Hits        13832    13834    +2     
+ Misses      29583    29582    -1     
+ Partials     1002     1001    -1
Flag Coverage Δ
unittests 31.14% <ø> (+<0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@RainbowMango RainbowMango mentioned this pull request Aug 19, 2024
Open
@harshitasao
fix: fixed the pinned dependencies issue
4c405fa 
Signed-off-by: harshitasao <harshitasao@gmail.com>
@harshitasao harshitasao force-pushed the pinned-dependencies-fix branch from cc01378 to 4c405fa Compare August 28, 2024 22:04
liangyuanpeng
liangyuanpeng reviewed Aug 29, 2024
View reviewed changes
.github/workflows/cli.yaml
@@ -59,6 +62,9 @@ jobs:
- name: upload logs
if: always()
uses: actions/upload-artifact@v4
- uses: chainguard-dev/actions/kind-diag@2faf313e789d339d91d3c4a73445ccdf90e5272d # main
# Only upload logs on failure.
if: ${{ failure() }}
with:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like a wrong update was done here.

liangyuanpeng
liangyuanpeng reviewed Aug 29, 2024
View reviewed changes
.github/workflows/cli.yaml
Comment on lines +40 to +42
- uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0
with:
version: "v0.22.0"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like a wrong update was done here.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

just need to update the version of action and not add a new action step.

zhzhuang-zju
zhzhuang-zju reviewed Aug 29, 2024
View reviewed changes
.github/workflows/fossa.yml
@@ -7,7 +7,7 @@ on:
- 'dependabot/**'

permissions:
contents: read # Required by actions/checkout@v4 to fetch the repository contents.
contents: read # Required by actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 to fetch the repository contents.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
contents: read # Required by actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 to fetch the repository contents.
contents: read # Required by actions/checkout to fetch the repository contents.

We can remove the version information from the comments to reduce maintenance costs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zhzhuang-zju zhzhuang-zju zhzhuang-zju left review comments

@liangyuanpeng liangyuanpeng liangyuanpeng left review comments

@RainbowMango RainbowMango RainbowMango left review comments

@jwcesign jwcesign Awaiting requested review from jwcesign

Assignees
No one assigned
Labels
size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@harshitasao @karmada-bot @codecov-commenter @RainbowMango @liangyuanpeng @zhzhuang-zju