GitHub Actions Hashpin Enforcer
Version updated for https://github.com/gustavtjac/HashpinEnforcer to version v1.3.1.1.
Go to the GitHub Marketplace to find the latest changes.
Action Summary
The GitHub Actions Hashpin Enforcer is a security-focused tool that scans workflow YAML files to ensure all actions are pinned to specific commit SHAs, preventing the use of mutable references like tags (@v1) or branches (@main). It automates the detection of non-deterministic dependencies, improving the reproducibility and security of CI/CD pipelines by mitigating risks such as malicious code injection, breaking changes, and unpredictable builds. The action provides clear failure reports and works out of the box with no configuration required.
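
The kind of check described above, sketched as an added example; this is not HashpinEnforcer's own code. It assumes a line-based scan of `uses:` keys, treats only a full 40-character commit SHA as pinned, and skips local (`./`) and `docker://` references; the workflow and action names are constructed.

```python
import re

# Matches a `uses:` key in a step or reusable-workflow job, with optional quotes.
USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*['\"]?([^'\"\s#]+)")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")

# Constructed sample workflow (not from any real repository).
SAMPLE_WORKFLOW = """\
name: ci
on: push
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: example-org/setup-tool@main
      - uses: example-org/build-action@0123456789abcdef0123456789abcdef01234567 # v2.1.0
      - uses: example-org/short-sha@0123456
      - uses: ./.github/actions/local-lint
      # - uses: example-org/disabled@v1
      - name: unversioned
        uses: "example-org/no-ref"
"""

def find_unpinned(workflow_text):
    """Return (line_number, reference, reason) for each mutable action reference."""
    findings = []
    for lineno, line in enumerate(workflow_text.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue  # commented-out steps are not executed
        match = USES_RE.match(line)
        if not match:
            continue
        ref = match.group(1)
        # Assumption: local actions and docker:// images are out of scope here.
        if ref.startswith(("./", "docker://")):
            continue
        _, sep, version = ref.rpartition("@")
        if not sep:
            findings.append((lineno, ref, "no ref given"))
        elif not FULL_SHA_RE.match(version):
            findings.append((lineno, ref, "mutable or abbreviated ref"))
    return findings

if __name__ == "__main__":
    for lineno, ref, reason in find_unpinned(SAMPLE_WORKFLOW):
        print(f"line {lineno}: {ref} ({reason})")
```

An abbreviated SHA is reported alongside tags and branches because only the full 40-character form is accepted here as an immutable pin.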