Cr oss web react build caching #15174
Conversation
|
✅ Meticulous spotted 0 visual differences across 1016 screens tested: view results. Meticulous evaluated ~8 hours of user flows against your PR. Expected differences? Click here. Last updated for commit fc94fbb. This comment will update as new commits are pushed. |
Codecov Report✅ All modified and coverable lines are covered by tests. 📢 Thoughts on this report? Let us know! |
revert fronend frozen-lockfile
chakru-r
force-pushed
the
cr-oss-web-react-build-caching
branch
from
fc94fbb to
72b6698
Compare
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
| # Depot is used here for remote container builds in base_build and also for all runners. Depot runners support unlimited concurrency | ||
| # and hence short queue times and higher parallelism of smoke tests | ||
|
|
||
| run: | |
There was a problem hiding this comment.
🚫 [actionlint] reported by reviewdog 🐶
shellcheck reported issue in this script: SC2129:style:2:3: Consider using { cmd1; cmd2; } >> file instead of individual redirects [shellcheck]
| # Depot is used here for remote container builds in base_build and also for all runners. Depot runners support unlimited concurrency | ||
| # and hence short queue times and higher parallelism of smoke tests | ||
|
|
||
| run: | |
There was a problem hiding this comment.
🚫 [actionlint] reported by reviewdog 🐶
shellcheck reported issue in this script: SC2129:style:7:3: Consider using { cmd1; cmd2; } >> file instead of individual redirects [shellcheck]
|
|
||
| - name: Capture build Id | ||
| id: capture-build-id | ||
| run: | |
There was a problem hiding this comment.
📝 [actionlint] reported by reviewdog 🐶
shellcheck reported issue in this script: SC2086:info:5:115: Double quote to prevent globbing and word splitting [shellcheck]
![aikido-pr-checks[bot]](https://avatars.githubusercontent.com/in/898896?s=60&v=4){kind=small}
| yarn_cache_key_prefix: ${{ steps.yarn-cache-key.outputs.yarn_cache_key_prefix }} | ||
| steps: | ||
| - name: Check out the repo | ||
| uses: acryldata/sane-checkout-action@v4 |
There was a problem hiding this comment.
3rd party Github Actions should be pinned - medium severity
A third-party GitHub Action was imported, and is not pinned via a hash. This leaves your CI/CD at risk for potential supply chain attacks, if the affected GitHub Action is compromised.
Show Remediation
Remediation - high confidence
This patch mitigates a potential supply chain attack by pinning the version of third-party Github Actions to their commit SHA.
| uses: acryldata/sane-checkout-action@v4 | |
| uses: acryldata/sane-checkout-action@ad9618e2f67a71f3b86218f82bfbb9df12a15aee # v4 |
|
|
||
| - name: Set up Depot CLI | ||
| if: ${{ env.DOCKER_CACHE == 'DEPOT' }} | ||
| uses: depot/setup-action@v1 |
There was a problem hiding this comment.
3rd party Github Actions should be pinned - medium severity
A third-party GitHub Action was imported, and is not pinned via a hash. This leaves your CI/CD at risk for potential supply chain attacks, if the affected GitHub Action is compromised.
Show Remediation
Remediation - high confidence
This patch mitigates a potential supply chain attack by pinning the version of third-party Github Actions to their commit SHA.
| uses: depot/setup-action@v1 | |
| uses: depot/setup-action@b0b1ea4f69e92ebf5dea3f8713a1b0c37b2126a5 # v1.6.0 |
No description provided.