bold text in immutable-releases.md #43716
How to review these changes 👓
Thank you for your contribution. To review these changes, choose one of the following options: A Hubber will need to deploy your changes internally to review.
Table of review links
Note: Please update the URL for your staging server or codespace. The table shows the files in the
Key: fpt: Free, Pro, Team; ghec: GitHub Enterprise Cloud; ghes: GitHub Enterprise Server
🤖 This comment is automatically generated.
@dangbert This doesn't fit within our style guide, however we are moving away from quotes for important items and towards putting them in bold, so this would be acceptable:
If you don't think that's sufficient, I really don't like the placement of that callout. Think of text formatting as a means of directing attention. If you direct attention somewhere with a callout, you're basically taking it away from somewhere else, and that "somewhere else" is usually the area immediately following the place where you've directed the attention. That's fine if there's a bunch of text afterward to remind the reader there's more to read, but when you follow a callout with one line of text and then a heading for a new section, that one line of text is going to get lost. I would rather see the callout at the end of the section if there's nowhere further up the section where it makes sense. But even if the callout gets moved, "Immutable" should still be bolded, because that's what we're doing now.
Address feedback
Hi, sorry for the delay, I believe this now reflects the feedback from @Sharra-writes. On a broader note, less in immediate scope for this PR, but I think GitHub could really champion immutable releases as a security feature by demonstrating them across the most popular GitHub Actions. For example the single most used action, If GitHub were to address this in the future the docs could perhaps link to a release in https://github.com/actions/checkout/releases to provide a clear example of what an immutable release looks like. My motivation for this stems from the hundreds of supply chain attacks over the last year, with most seeming to start with the many foot guns in the security model of GitHub Actions. One only has to look at all the hoops Astral had to be aware of and jump through to tighten their security footprint on GitHub https://astral.sh/blog/open-source-security-at-astral Unfortunately this level of effort is unrealistic to expect for the entire community to be educated about. I believe Google Cloud takes a great approach with their "Secure by default" philosophy. This is the motivation of my PR and why I've opened a few issues on popular GitHub repos spreading knowledge about Immutable releases. The maintainer of yq thus far has been the only one I've seen take action in response mikefarah/yq#2673 additional references:
@dangbert Looks good! If you want to discuss your concerns more, I'd recommend https://github.com/orgs/community/discussions.
Thanks very much for contributing! Your pull request has been merged 🎉 You should see your changes appear on the site in approximately 24 hours. If you're looking for your next contribution, check out our help wanted issues ⚡
Why:
Closes: #43715
What's being changed (if available, include any code snippets, screenshots, or gifs):
Make important text bold so it's harder to overlook.