- Pin third-party GitHub Actions to explicit commit SHAs, not mutable version tags like `@v2`: a tag can be re-pointed by whoever controls the action's repository, so pinning by tag leaves the workflow open to supply-chain hijacking.
- Use `concurrency` groups with `cancel-in-progress` to automatically cancel redundant, obsolete builds on the same PR, saving runner minutes.
- Use `actions/cache` extensively for language-specific package managers (npm, pip, maven) to speed up job runs.
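A workflow that applies all three points at once, as an added example (not taken from any project's repository): it assumes a Node project using `npm ci`, and the all-zero commit SHAs are placeholders to be replaced with the real SHA of each audited tag.

```yaml
name: ci

on:
  pull_request:
  push:
    branches: [main]

# One in-flight run per workflow and ref: a new push to the same PR
# cancels the now-obsolete run instead of letting it finish.
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

permissions:
  contents: read

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      # Each action is pinned to a full commit SHA; the trailing comment
      # records the tag the SHA was audited against so reviewers can tell
      # what version it is. A tag such as @v4 can be moved by the action's
      # maintainer (or an attacker with push access); a commit SHA cannot.
      # (placeholder SHA below: replace with the real commit of the tag)
      - uses: actions/checkout@0000000000000000000000000000000000000000 # v4

      - uses: actions/setup-node@0000000000000000000000000000000000000000 # v4
        with:
          node-version: '20'

      # Cache keyed on the lockfile hash, so a dependency change produces a
      # fresh cache; restore-keys allow a partial hit from the previous one.
      - uses: actions/cache@0000000000000000000000000000000000000000 # v4
        with:
          path: ~/.npm
          key: ${{ runner.os }}-npm-${{ hashFiles('**/package-lock.json') }}
          restore-keys: |
            ${{ runner.os }}-npm-

      - run: npm ci
      - run: npm test
```

Tools such as Dependabot can keep SHA-pinned actions current by opening PRs that bump the SHA and the version comment together, so pinning does not mean freezing.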