Feature hasn't been suggested before.
Describe the enhancement you want to request
Pinning actions to specific commit hashes protects against supply chain attacks (e.g. https://www.wiz.io/blog/github-action-tj-actions-changed-files-supply-chain-attack-cve-2025-30066).
It is easy to accomplish with tooling like https://github.com/mheap/pin-github-action and improves the security posture of the repo
Feature hasn't been suggested before.
Describe the enhancement you want to request
Pinning actions to specific commit hashes protects against supply chain attacks (e.g. https://www.wiz.io/blog/github-action-tj-actions-changed-files-supply-chain-attack-cve-2025-30066).
It is easy to accomplish with tooling like https://github.com/mheap/pin-github-action and improves the security posture of the repo