Add link to GitHub's "Immutable actions publishing" initiative
ericcornelissen committed Oct 5, 2024
1 parent 6a17e3c commit 3c0941e
Showing 1 changed file with 4 additions and 1 deletion.
5 changes: 4 additions & 1 deletion README.md
Expand Up @@ -59,9 +59,12 @@ recommended to use commit SHAs instead to avoid failing verification by ghasum.
- Requires manual intervention when an Action is updated.
- The hashing algorithm used for checksums is not configurable.
- Checksums do not provide protections against [unpinnable actions].
- Checksums do not provide protection against [unpinnable actions].[^1]
[^1]: See [github/roadmap#592] for work on unpinnable actions by GitHub.
[unpinnable actions]: https://www.paloaltonetworks.com/blog/prisma-cloud/unpinnable-actions-github-security/
[github/roadmap#592]: https://github.com/github/roadmap/issues/592
## Background
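Review bot: The added `[^1]:` footnote says only "work on unpinnable actions by GitHub" and never names the initiative the commit title refers to ("Immutable actions publishing"), so a reader of the README cannot tell what the linked roadmap issue is about or how it relates to this limitation. Consider naming the initiative in the footnote text and saying explicitly that the link points to upstream work in progress, so the bullet is not read as if ghasum checksums already cover unpinnable actions.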