Y
Hacker News
new
|
ask
|
show
|
jobs
by
joeig
81 days ago
This recommendation is currently broken. Even when you pin the full commit SHA for an action, that action may still pull in transitive dependencies (other actions) that aren't pinned.
1 comments
danudey
80 days ago
TL;DR Github Actions is the NPM of CI systems.
link