feat: modernize GitHub Actions with security hardening and centralize…#470
Merged
Merged
Conversation
…d Rust toolchain Security Improvements: - Pin all GitHub Actions to specific commit hashes instead of version tags - Update actions/checkout from v4 to commit 08eba0b27e820071cde6df949e0beb9ba4906955 - Update actions/setup-python from v5 to commit a26af69be951a213d495a4c3e4e4022e16d87065 (v5.6.0) - Update actions/setup-java from v4 to commit dded0888837ed1f317902acf8a20df0ad188d165 (v5.0.0) - Update actions/setup-node from v4 to commit 1e60f620b9541d16bece96c5465dc8ee9832be0b (v4.4.0) - Update actions/setup-go from v5 to commit 41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed (v5.1.0) - Update actions/setup-dotnet from v4 to commit 3e891b0cb619bf60e2c25674b222b8940e2c1c25 (v4.1.0) - Update actions/upload-artifact from v4 to commit ea165f8d65b6e75b540449e92b4886f43607fa02 (v4.6.2) - Update actions/download-artifact from v4 to commit 634f93cb2916e3fdff6788551b99b062d0335ce0 (v5.0.0) - Update github/codeql-action from v3 to commit 01fe2e8c43536ad5e1085bad5e7cd6fbc8a30988 (v3.29.11) Rust Toolchain Consolidation: - Create custom composite action .github/actions/toolchains/rust/action.yml - Standardize on Rust 1.89.0 (latest stable) with clippy and rustfmt components - Add optional targets parameter for cross-compilation support - Replace dtolnay/rust-toolchain@stable across 16 workflows This creates a more secure, maintainable, and consistent CI/CD pipeline with centralized Rust toolchain management across all workflows. Signed-off-by: Anand Krishnamoorthi <anakrish@microsoft.com>
anakrish
force-pushed
the
update-workflows-deps
branch
from
6e28f83 to
3060013
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
…d Rust toolchain
Security Improvements:
Rust Toolchain Consolidation:
This creates a more secure, maintainable, and consistent CI/CD pipeline with centralized Rust toolchain management across all workflows.