action-pinning

Here are 3 public repositories matching this topic...

indoor47 / gh-workflow-hardener

GitHub Actions security scanner: pin actions to SHAs, detect script injection, audit permissions. Fix supply chain vulnerabilities.

security static-analysis sarif devsecops github-actions supply-chain-security workflow-security cicd-security github-actions-security action-pinning

Updated Feb 28, 2026
Python

ollieb89 / actions-lockfile-generator

Star

Pin GitHub Action tags to full commit SHAs and generate auditable lockfiles to prevent supply chain attacks

security ci-cd developer-tools lockfile devsecops github-actions supply-chain-security workflow-security action-pinning sha-pinning

Updated Mar 22, 2026
TypeScript

forgesworn / anvil

Star

Supply-chain-hardened release tool for JS/TS libraries. Multi-runner reproducible-build attestation, OIDC trusted publishing, hard pre-publish gates. Pure bash, zero dependencies.

bash npm provenance release release-automation oidc reproducible-builds npm-publish github-actions slsa secret-scanning supply-chain-security composite-action reusable-workflow trusted-publishing action-pinning hardened-release

Updated Apr 18, 2026
Shell

Improve this page

Add a description, image, and links to the action-pinning topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the action-pinning topic, visit your repo's landing page and select "manage topics."

Learn more

Provide feedback

Saved searches

Use saved searches to filter your results more quickly