Pin non-official GitHub Actions #1
Description
To harden against supply chain attacks we should pin actions versions (at least of non-official ones that have a higher risk)
Metadata
Metadata
Assignees
Labels
No labels
{{ message }}
To harden against supply chain attacks we should pin actions versions (at least of non-official ones that have a higher risk)