feat(ci): consider dtolnay/rust-toolchain a trusted action

dtolnay is a very reputable member of the Rust community. I'd like to propose to make an exception to the "pin all external actions to a hash" rule. The action is updated very regularly and causes spam in the form of dependabot PRs. Additionally, by pinning the action we cannot make use of the very neat shorthand syntax of specifying the desired Rust version. Pull-Request: #3487.
2025-05-14 20:01:21 +00:00 · 2023-03-01 13:55:58 +11:00 · 2023-03-01 13:55:58 +11:00 · 10f948d8c0
commit 10f948d8c0
parent 73013de3f1
2 changed files with 12 additions and 26 deletions
--- a/.github/workflows/cache-factory.yml
+++ b/.github/workflows/cache-factory.yml
@ -38,9 +38,9 @@ jobs:

      - uses: actions/checkout@v3

-      - uses: dtolnay/rust-toolchain@9cd00a88a73addc8617065438eff914dd08d0955 # v1
+      - uses: dtolnay/rust-toolchain@master
        with:
-          toolchain: ${{ matrix.rust }}          
+          toolchain: ${{ matrix.rust }}

      - uses: Swatinem/rust-cache@359a70e43a0bb8a13953b04a90f76428b4959bb6 # v2.2.0
        with:
@ -60,9 +60,7 @@ jobs:

      - uses: actions/checkout@v3

-      - uses: dtolnay/rust-toolchain@9cd00a88a73addc8617065438eff914dd08d0955 # v1
-        with:
-          toolchain: stable          
+      - uses: dtolnay/rust-toolchain@stable

      - uses: Swatinem/rust-cache@359a70e43a0bb8a13953b04a90f76428b4959bb6 # v2.2.0
        with:
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -35,7 +35,7 @@ jobs:
          echo "version=${RUST_VERSION}" >> $GITHUB_OUTPUT

      - name: Install Rust ${{ steps.parse-msrv.outputs.version }} for MSRV check
-        uses: dtolnay/rust-toolchain@9cd00a88a73addc8617065438eff914dd08d0955 # v1
+        uses: dtolnay/rust-toolchain@master
        with:
          toolchain: ${{ steps.parse-msrv.outputs.version }}

@ -47,9 +47,7 @@ jobs:
      - name: Check if ${{ matrix.crate }} compiles on MSRV (Rust ${{ steps.parse-msrv.outputs.version }})
        run: cargo +${{ steps.parse-msrv.outputs.version }} build --package ${{ matrix.crate }} --all-features

-      - uses: dtolnay/rust-toolchain@9cd00a88a73addc8617065438eff914dd08d0955 # v1
-        with:
-          toolchain: stable
+      - uses: dtolnay/rust-toolchain@stable

      - uses: Swatinem/rust-cache@359a70e43a0bb8a13953b04a90f76428b4959bb6 # v2.2.0
        with:
@ -108,9 +106,8 @@ jobs:

      - uses: actions/checkout@v3

-      - uses: dtolnay/rust-toolchain@9cd00a88a73addc8617065438eff914dd08d0955 # v1
+      - uses: dtolnay/rust-toolchain@stable
        with:
-          toolchain: stable
          target: ${{ matrix.target }}

      - uses: Swatinem/rust-cache@359a70e43a0bb8a13953b04a90f76428b4959bb6 # v2.2.0
@ -134,9 +131,7 @@ jobs:

      - uses: actions/checkout@v3

-      - uses: dtolnay/rust-toolchain@9cd00a88a73addc8617065438eff914dd08d0955 # v1
-        with:
-          toolchain: stable
+      - uses: dtolnay/rust-toolchain@stable

      - uses: Swatinem/rust-cache@359a70e43a0bb8a13953b04a90f76428b4959bb6 # v2.2.0
        with:
@ -154,9 +149,7 @@ jobs:

      - uses: actions/checkout@v3

-      - uses: dtolnay/rust-toolchain@9cd00a88a73addc8617065438eff914dd08d0955 # v1
-        with:
-          toolchain: stable
+      - uses: dtolnay/rust-toolchain@stable

      - uses: Swatinem/rust-cache@359a70e43a0bb8a13953b04a90f76428b4959bb6 # v2.2.0
        with:
@ -180,7 +173,7 @@ jobs:

      - uses: actions/checkout@v3

-      - uses: dtolnay/rust-toolchain@9cd00a88a73addc8617065438eff914dd08d0955 # v1
+      - uses: dtolnay/rust-toolchain@master
        with:
          toolchain: ${{ matrix.rust-version }}
          components: clippy
@ -203,9 +196,7 @@ jobs:

      - uses: actions/checkout@v3

-      - uses: dtolnay/rust-toolchain@9cd00a88a73addc8617065438eff914dd08d0955 # v1
-        with:
-          toolchain: stable
+      - uses: dtolnay/rust-toolchain@stable

      - uses: Swatinem/rust-cache@359a70e43a0bb8a13953b04a90f76428b4959bb6 # v2.2.0
        with:
@ -219,9 +210,8 @@ jobs:
    steps:
      - uses: actions/checkout@v3

-      - uses: dtolnay/rust-toolchain@9cd00a88a73addc8617065438eff914dd08d0955 # v1
+      - uses: dtolnay/rust-toolchain@stable
        with:
-          toolchain: stable
          components: rustfmt

      - name: Check formatting
@ -232,9 +222,7 @@ jobs:
    steps:
      - uses: actions/checkout@v3

-      - uses: dtolnay/rust-toolchain@9cd00a88a73addc8617065438eff914dd08d0955 # v1
-        with:          
-          toolchain: stable
+      - uses: dtolnay/rust-toolchain@stable

      - name: Ensure `full` feature contains all features
        run: |