top | item 43372616 (no title) evntdrvn | 11 months ago it is documented as recommended here fwiw: https://docs.github.com/en/actions/security-for-github-actio... discuss order hn newest sundarurfriend|11 months ago And the syntax to do that is to use `foo/bar@commitshagoeshere` as in - uses: RafaelGSS/bad-action@e20fd1d81b3f403df56f5f06e2aa9653a6a60763 # v1.0.1 (example from https://blog.rafaelgss.dev/why-you-should-pin-actions-by-com...) 0rzech|11 months ago This. Using tags is acceptable only for official GitHub actions, anything else should be pinned.
sundarurfriend|11 months ago And the syntax to do that is to use `foo/bar@commitshagoeshere` as in - uses: RafaelGSS/bad-action@e20fd1d81b3f403df56f5f06e2aa9653a6a60763 # v1.0.1 (example from https://blog.rafaelgss.dev/why-you-should-pin-actions-by-com...)
0rzech|11 months ago This. Using tags is acceptable only for official GitHub actions, anything else should be pinned.
sundarurfriend|11 months ago
0rzech|11 months ago