-
Introduce dependency cooldown when installing with
taiki-e/install-action@<tool_name>,tool: <tool_name>@latest, ortool: <tool_name>@<omitted_version>to mitigate the risk of supply chain attacks by default. (#1666)This action without this cooldown already takes a few hours to a few days for new releases to be reflected (as with other common package managers that verify checksums or signatures), so this should not affect most users.
See the "Security" section in readme for more details.
-
Improve robustness for network failure.
-
Documentation improvements.
taiki-e/install-action
v2.73.0
2.73.0
on GitHub
12 hours ago