Skip to content

Update contributors-readme-action version #63

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
JorchCortez merged 1 commit into from
Nov 10, 2025
Merged

Update contributors-readme-action version #63

JorchCortez merged 1 commit into from
Nov 10, 2025

Conversation

@JorchCortez
Copy link
Contributor

@JorchCortez JorchCortez commented Nov 10, 2025

This pull request updates the GitHub Action used to maintain the contributors section in the README. The action version was changed from a specific patch release (v2.5.8) to the more general major version (v2), which allows for automatic updates to the latest minor and patch releases within major version 2.

Copilot AI review requested due to automatic review settings November 10, 2025 21:23
@JorchCortez JorchCortez merged commit f44b098 into main Nov 10, 2025
6 checks passed
@JorchCortez JorchCortez deleted the JorchCortez-patch-3 branch November 10, 2025 21:23
Copilot AI reviewed Nov 10, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR updates the contributors-readme-action GitHub Action from a pinned patch version (v2.5.8) to a floating major version (v2). This change allows the workflow to automatically receive minor and patch updates within version 2.x, ensuring access to bug fixes and new features without manual version bumps.

  • Updated action version reference from v2.5.8 to v2

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

.github/workflows/update-contributors.yml

- name: Update contributors section in README
uses: akhilmhdh/contributors-readme-action@v2.5.8
uses: akhilmhdh/contributors-readme-action@v2
Copy link

Copilot AI Nov 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Switching from a pinned version (v2.5.8) to a floating major version (v2) introduces security and stability risks. The workflow will automatically pull the latest v2.x version, which could include breaking changes within minor versions or unvetted code. Consider using a commit SHA for maximum security (e.g., @abc123...) or at minimum pin to a specific minor version (e.g., @v2.5) to balance security with updates.

Suggested change
uses: akhilmhdh/contributors-readme-action@v2
uses: akhilmhdh/contributors-readme-action@v2.5.8

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@JorchCortez