Test build on Windows 2022 #218
Conversation
![datadog-datadog-prod-us1[bot]](https://avatars.githubusercontent.com/u/365230?s=60&v=4){kind=small}
| @@ -35,7 +35,7 @@ jobs: | |||
| - run: npm run test:js-valgrind | |||
|
|
|||
| build: | |||
| uses: Datadog/action-prebuildify/.github/workflows/build.yml@main | |||
| uses: Datadog/action-prebuildify/.github/workflows/build.yml@szegedi/new-windows | |||
There was a problem hiding this comment.
🟠 Code Vulnerability
Workflow depends on a GitHub actions pinned by tag instead of a hash. (...read more)
Pin GitHub Actions by commit hash to ensure supply chain security.
Using a branch (@main) or tag (@v1) allows for implicit updates, which can introduce unexpected or malicious changes. Instead, always pin actions to a full length commit SHA. You can find the commit SHA for the latest tag from the action’s repository and ensure frequent updates via auto-updaters such as dependabot. Include a comment with the corresponding full-length SemVer tag for clarity:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
| @@ -7,7 +7,7 @@ on: | |||
|
|
|||
| jobs: | |||
| build: | |||
| uses: Datadog/action-prebuildify/.github/workflows/build.yml@main | |||
| uses: Datadog/action-prebuildify/.github/workflows/build.yml@szegedi/new-windows | |||
There was a problem hiding this comment.
🟠 Code Vulnerability
Workflow depends on a GitHub actions pinned by tag instead of a hash. (...read more)
Pin GitHub Actions by commit hash to ensure supply chain security.
Using a branch (@main) or tag (@v1) allows for implicit updates, which can introduce unexpected or malicious changes. Instead, always pin actions to a full length commit SHA. You can find the commit SHA for the latest tag from the action’s repository and ensure frequent updates via auto-updaters such as dependabot. Include a comment with the corresponding full-length SemVer tag for clarity:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
Overall package sizeSelf size: 1.58 MB Dependency sizes| name | version | self size | total size | |------|---------|-----------|------------| | source-map | 0.7.4 | 226 kB | 226 kB | | pprof-format | 2.1.0 | 111.69 kB | 111.69 kB | | p-limit | 3.1.0 | 7.75 kB | 13.78 kB | | delay | 5.0.0 | 11.17 kB | 11.17 kB | | node-gyp-build | 3.9.0 | 8.81 kB | 8.81 kB |🤖 This report was automatically generated by heaviest-objects-in-the-universe |
BenchmarksBenchmark execution time: 2025-06-11 14:02:06 Comparing candidate commit b23e526 in PR branch Found 1 performance improvements and 0 performance regressions! Performance is the same for 90 metrics, 29 unstable metrics. scenario:profiler-light-load-with-wall-profiler-22
|
Test build on Windows 2022 for DataDog/action-prebuildify#73. Not to be merged.