Pinact is a way to pin versions across our workflows to prevent running latest and defend against injection-attacks. I'd also include running zizmor as a way to audit our actions as well.
Pinact is a way to pin versions across our workflows to prevent running latest and defend against injection-attacks.
I'd also include running zizmor as a way to audit our actions as well.