ci: pin GitHub Actions to full commit SHAs #9120

Open
XananasX7 wants to merge 2 commits into google:master from XananasX7:fix/pin-actions-to-sha

@XananasX7

This PR pins GitHub Actions from mutable version tags (e.g. @v4) to full commit SHAs, preventing silent supply chain attacks from compromised action repositories.

Recommended by GitHub's security hardening guide and OpenSSF Scorecard.

XananasX7 added 2 commits June 3, 2026 02:56
Signed-off-by: El Mehdi Abenhazou <mehdiananas007@gmail.com>