Reliability Rules
| Rule | Severity | Description |
|---|---|---|
| | high | Job has no `timeout-minutes` set. Without a timeout, a hung job will consume runner minutes until the 6-hour GitHub defaul… |
| | high | Action uses a mutable tag (`@main`, `@v1`, `@latest`) instead of a full commit SHA. Mutable tags can introduce breaking change… |
| | medium | `continue-on-error: true` is set on a step that is not explicitly intended to be optional. This can silently hide real fai… |
| | medium | PR-triggered workflow has no concurrency group. Multiple pushes to the same PR will queue redundant runs instead of canc… |
| | low | Uploaded artifacts use the default 90-day retention. Set `retention-days` explicitly to control storage costs and data lif… |
| | low | Steps that download external dependencies or call external APIs have no retry logic, making the pipeline fragile to tran… |