molecule-core/.github
Molecule AI Core-DevOps a8d4f8363a
Some checks failed
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 47s
sop-tier-check / tier-check (pull_request) Failing after 44s
ci: pin GitHub Actions by SHA instead of mutable tags (staging sync)
Cherry-pick from main (03689e3d) to restore SHA pinning on staging branch.

- actions/checkout@v6 → @de0fac2e4500dabe0009e67214ff5f5447ce83dd (v6.0.2)
  in .github/workflows/secret-pattern-drift.yml
- pypa/gh-action-pypi-publish@release/v1 →
  @cef221092ed1bacb1cc03d23a2d87d1d172e277b in .github/workflows/publish-runtime.yml

Mutable action tags create supply-chain risk. SHA-pinning ensures the exact
commit runs every time.

[core-devops-agent]

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-10 09:27:46 +00:00
scripts fix(scripts): migrate ghcr.io→ECR + raw.githubusercontent.com→Gitea (#46) 2026-05-07 00:56:23 -07:00
workflows ci: pin GitHub Actions by SHA instead of mutable tags (staging sync) 2026-05-10 09:27:46 +00:00
CODEOWNERS chore: add CODEOWNERS to auto-route agent PRs to personal review account 2026-04-26 13:40:13 -07:00
dependabot.yml chore(security): pin Actions to SHAs + enable Dependabot auto-bumps 2026-04-28 15:37:06 -07:00