feat: implement issue #271 — Compliance: unpinned-actions-pr-review-mention.yml#306
Conversation
|
Warning Rate limit exceeded
You’ve run out of usage credits. Purchase more in the billing tab. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (1)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Pull request overview
This PR addresses compliance issue #271 by pinning the pr-review-mention reusable workflow reference to an immutable commit SHA (action pinning), ensuring the workflow can’t drift unexpectedly via a moving tag.
Changes:
- Pin
.github/workflows/pr-review-mention.ymlreusable workflowuses:reference to a specific commit SHA. - Add an additional
.dev-lead/ignore entry in.gitignore(currently duplicative).
Reviewed changes
Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
.gitignore |
Adds an ignore entry (but introduces a duplicate .dev-lead/ line). |
.github/workflows/pr-review-mention.yml |
Pins the reusable workflow reference to a commit SHA for compliance with action-pinning policy. |
|



Closes #271
Implemented by dev-lead agent. Please review.