Hacker News new | ask | show | jobs
by jbergstroem 174 days ago
Another (more complete? maintenance, security checks) solution is to allow renovatebot handle this for you. Enable this preset: https://docs.renovatebot.com/presets-helpers/#helperspingith...

..and in the next update cycle, you will see all actions be pinned like this:

- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
1 comments
JackSlateur 174 days ago
This only handle your actions, not their dependencies (which seems to be the purpose of gh-actions-lockfile)
link