security

Pin your GitHub Actions

Apr 17, 2025

Just going to echo this post:

Pin your GitHub Actions michaelheap.com
michaelheap.com https://michaelheap.com/pin-your-github-actions/

Pin your actions!

I’ve done it in my work, and while it’s a little tedious to setup initially it’s not to bad with dependabot updating them automatically.