Mildly ironic that the quickstart suggests starting with an unpinned action
gjtorikian/gh-actions-lockfile@v1
Presumably since it has to run first it must run unpinned?
Mildly ironic that the quickstart suggests starting with an unpinned action
gjtorikian/gh-actions-lockfile@v1
Presumably since it has to run first it must run unpinned?
Arguably, that's exactly the one action that will need to be hash-pinned, since all the consecutive actions will at least be verified against the lockfile.
Right, completely agree! By "must run unpinned" I meant "no way it can make itself run pinned, since it's already running"