Commit 9732cd6
authored
Allowlist carabiner v1.2.0 transitive ampel-bootstrap + download-and-verify (#906)
The hourly "Check for transitive failures in current latest actions"
workflow has been failing on every scheduled run since the carabiner
v1.2.0 bump. `ampel/verify@v1.2.0` (e0e3b814) transitively resolves
`install/ampel-bootstrap` and `install/download-and-verify` at the same
v1.2.0 monorepo commit (e0e3b814), but only three of the five carabiner
sub-actions had that SHA allowlisted — these two were missed in the
v1.2.0 sync, so the run is blocked with "is not allowed in
apache/infrastructure-actions".
Add e0e3b814 to both sub-action blocks in actions.yml as allowlisted-but-
expiring transitive entries (the existing 9db1a064 stays the live,
dependabot-tracked ref, so the composite is unchanged) and regenerate
approved_patterns.yml via the gateway sync.
Generated-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>1 parent b6f6dfd commit 9732cd6
2 files changed
Lines changed: 12 additions & 0 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
182 | 182 | | |
183 | 183 | | |
184 | 184 | | |
| 185 | + | |
| 186 | + | |
| 187 | + | |
| 188 | + | |
| 189 | + | |
185 | 190 | | |
186 | 191 | | |
187 | 192 | | |
| |||
203 | 208 | | |
204 | 209 | | |
205 | 210 | | |
| 211 | + | |
| 212 | + | |
| 213 | + | |
| 214 | + | |
| 215 | + | |
206 | 216 | | |
207 | 217 | | |
208 | 218 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
72 | 72 | | |
73 | 73 | | |
74 | 74 | | |
| 75 | + | |
75 | 76 | | |
76 | 77 | | |
77 | 78 | | |
78 | 79 | | |
79 | 80 | | |
80 | 81 | | |
81 | 82 | | |
| 83 | + | |
82 | 84 | | |
83 | 85 | | |
84 | 86 | | |
| |||
0 commit comments