05f1ed756b
## What - Pin all GitHub Actions to their specific SHA1 hashes to reduce supply chain attack risk - Replaces version tags with specific commit SHAs - Includes version comments for easier reference - Changes generated with the pinact tool See internal wiki page on supply chain security for further info ## How Used the tool pinact to pin the sha for github actions. ## Review guide <!-- 1. `x.py` 2. `y.py` --> ## User Impact No impact ## Can this PR be safely reverted and rolled back? - [x] YES 💚 - [ ] NO ❌
8.9 KiB
8.9 KiB