One of the biggest problems with GitHub Actions is that, even with fully transitive locking at the action layer, you still can’t really guarantee hermetic execution: lots of actions do implicit version resolution on tools by default. For example, setup-python, etc. will select a reasonable version based on the constraints you give it, which may end up being the pre-installer runner’s Python, or a newly released patch version, etc.

Fully pinning action references themselves is a step in the right direction, but the ecosystem as a whole probably has expectations that are misaligned with reproducibility/hermeticity, and those expectations will be challenging to overcome.