docs: align review-reusable.yml header comments with the @v1 recommendation
Build & push image / build-and-push (pull_request) Successful in 6s

PR #12's own review flagged that the reusable's own header still said pin
@<sha>/@main while the example+README now recommend @v1. Update the header
to recommend @v1 (or @<sha>) consistently.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
Steve Dudenhoeffer
2026-06-28 00:15:28 -04:00
parent 6f85b9341f
commit 09d04de619
+4 -3
View File
@@ -6,7 +6,7 @@
# jobs:
# review:
# if: ... # actor gate for the comment trigger
# uses: steve/gadfly/.gitea/workflows/review-reusable.yml@<sha>
# uses: steve/gadfly/.gitea/workflows/review-reusable.yml@v1
# secrets: # forward ONLY what the reviewer needs
# OLLAMA_CLOUD_API_KEY: ${{ secrets.OLLAMA_CLOUD_API_KEY }}
# CLAUDE_CODE_OAUTH_TOKEN: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
@@ -25,8 +25,9 @@
#
# Advisory only — never blocks a merge. The image is pinned to an immutable
# :sha- tag here (act_runner caches :latest); bump it per Gadfly release.
# Consumers should likewise pin `uses: ...@<sha>` (not @main) so a push to this
# repo can't silently change the code that runs with their forwarded secrets.
# Consumers should pin `uses: ...@v1` — a curated release tag moved on deliberate
# releases, so central tuning here propagates without per-consumer edits — or a
# full `@<sha>` for an immutable pin. Avoid `@main` (moves on every push).
name: Gadfly review (reusable)