Open Issues Need Help
View All on GitHub Pin GitHub Actions to full commit SHA for improved security about 1 month ago
AI Summary: This issue proposes enhancing GitHub Actions security by replacing mutable tags with immutable commit SHAs. This change improves supply chain security and ensures pipeline reproducibility. The process involves using the GitHub CLI to find the correct SHA for each action and updating the workflow files, with a clear definition of done including version comments and Dependabot configuration.
Complexity:
2/5
good first issue github_actions