No retry on flaky network step

Rule ID

missing_retry

Category

reliability

Severity

low

Steps that download external dependencies or call external APIs have no retry logic, making the pipeline fragile to transient network failures.

Detection

pattern_matching — Regex or keyword matching on string field values.

Examples

Non-compliant:

jobs:
  build:
    steps:
      - run: npm install
      - run: curl -fsSL https://example.com/tool | bash

Compliant:

jobs:
  build:
    steps:
      - uses: nick-fields/retry@v3
        with:
          timeout_minutes: 5
          max_attempts: 3
          command: npm install
      - uses: nick-fields/retry@v3
        with:
          timeout_minutes: 5
          max_attempts: 3
          command: curl -fsSL https://example.com/tool | bash

Fix: Wrap flaky network steps (curl, npm install, pip install, apt-get) with a retry action such as nick-fields/retry or add shell-level retry loops for critical downloads.
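
The shell-level retry loop mentioned in the fix, as an added example that is not part of the rule's own documentation. The helper names `retry` and `flaky`, the attempt count and the delays are assumptions chosen for illustration.

```bash
#!/usr/bin/env bash
# Added example: shell-level retry loop with exponential backoff.
# `retry` and `flaky` are hypothetical helper names, not part of any tool.

# retry MAX_ATTEMPTS BASE_DELAY_SECONDS COMMAND [ARGS...]
# Re-runs COMMAND until it succeeds or MAX_ATTEMPTS is used up, doubling the
# delay after each failure. Returns 0 on success, else the last exit status.
retry() {
  local max_attempts delay attempt status
  max_attempts=$1
  delay=$2
  attempt=1
  shift 2
  while true; do
    "$@" && return 0
    status=$?
    if [ "$attempt" -ge "$max_attempts" ]; then
      echo "retry: '$*' failed after $attempt attempts (exit $status)" >&2
      return "$status"
    fi
    echo "retry: attempt $attempt failed (exit $status); sleeping ${delay}s" >&2
    sleep "$delay"
    attempt=$((attempt + 1))
    delay=$((delay * 2))
  done
}

# Constructed stand-in for a flaky download so the loop can be exercised
# offline: fails until the counter stored in file $1 reaches $2.
flaky() {
  local count
  count=$(cat "$1" 2>/dev/null || true)
  count=$(( ${count:-0} + 1 ))
  echo "$count" > "$1"
  [ "$count" -ge "$2" ]
}

# Demo on constructed input: the third attempt succeeds.
counter=$(mktemp)
retry 3 0 flaky "$counter" 3 && echo "ok after $(cat "$counter") attempts"
rm -f "$counter"

# In a workflow `run:` step (URL taken from the example above), download to a
# file first so only a complete transfer is ever executed:
#   retry 3 5 curl -fsSL -o tool.sh https://example.com/tool && bash tool.sh
```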