Pre-release versions should use beta (or similar) keyword

[ethankent]

I use Dependabot for automated dependency updates. It has created a PR that:

Updates bridgecrewio/checkov-action from 12.1347.0 to 12.2672.

However, when I check this repo, I see that v12.1347.0 is listed as the latest release. This is apparently because Dependabot relies exclusively on git tags and their names to figure out what update to propose

Github Actions recommends using tags for release management stating that:

Major versions can be initially released with a beta tag to indicate their status, for example, v2-beta. The -beta tag can then be removed when ready.

So in the above case the pre-release v12.2672.0 would become v12.2672.0-beta and avoid being mistaken for a stable release.

[Saarett]

Hi @ethankent, that's an interesting case! Both Checkov and Checkov-Action are based on a full CI/CD pipeline, so each merge to master should ideally indicate a new version. Perhaps for some reason, we had stopped tagging each version at the latest, and you're probably the first to reach out about it. We will prioritize it internally to be addressed.
Thank you!

[ethankent]

@Saarett Thanks for looking into that 👍

[ethankent]

Just some additional context around the potential need for a beta flag...

I originally had a run that was failing & had to fall back to an older version. Possibly related to #162. Now today I'm seeing another run failing with version: bridgecrewio/checkov-action@d01b2bab9580b88f841e0207ddbc90de6930e4d0 # v12.2672.0 which might be the same issue discussed in #166 - Each of these issues has disrupted the CI pipeline I'm working with, and beta releases might help to alleviate those impacts.

Hope this is helpful, thanks again for looking into it.