GitHub Actions security scanner: pin actions to SHAs, detect script injection, audit permissions. Fix supply chain vulnerabilities.
Updated Feb 28, 2026 - Python
Pin GitHub Action tags to full commit SHAs and generate auditable lockfiles to prevent supply chain attacks.