Core Project Endorsement

Ecosystem Adoption


  • Recommend that CI running against PRs be expected to pass–if it fails, it should be important

  • Schedule regular runs of CI against nightlies/pre-releases

    • Good for other checks that don’t need to run on every PR
    • Could use for pins
    • Can use labels to trigger additional runs of “exotic” jobs
    • Can open an issue on failure rather than hiding in a UI somewhere–helps give notifications
    • Generate a badge for the workflow, that can be collected into a dashboard
  • GitHub actions security concerns

    • Need to trust action creators
    • Pin to hash vs. version/tag?