Validate workflow to check that all codeql-action versions are the same by mbg · Pull Request #3099 · github/codeql-action (original) (raw)

This PR adds an extra check to validateWorkflows which collects all the refs used for github/codeql-action steps in the workflow and checks that they are all the same.

If there is a mismatch, then this results in a warning.

Risk assessment

For internal use only. Please select the risk level of this change:

• Low risk: Changes are fully under feature flags, or have been fully tested and validated in pre-production environments and are highly observable, or are documentation or test only.

Merge / deployment checklist

• Confirm this change is backwards compatible with existing workflows.
• Consider adding a changelog entry for this change.
• Confirm the readme and docs have been updated if necessary.