action-pinning

Here are 2 public repositories matching this topic...

Pin GitHub Action tags to full commit SHAs and generate auditable lockfiles to prevent supply chain attacks

GitHub Actions security scanner: pin actions to SHAs, detect script injection, audit permissions. Fix supply chain vulnerabilities.

Add a description, image, and links to the action-pinning topic page so that developers can more easily learn about it.

To associate your repository with the action-pinning topic, visit your repo's landing page and select "manage topics."