📦 pin-github-action

Pin your GitHub Actions to specific versions automatically!

Author

Michael Heap

License

MIT

Unpacked Size

56.88 KB

Packed Size

13.79 KB

Last Activity

3 months ago

Wkly Downloads

322K

Unpacked Size

56.88 KB

Packed Size

13.79 KB

License

MIT

Author

Michael Heap

Last Activity

3 months ago

Dependencies Overview

Dependencies (7)

@octokit/rest ^21 commander ^13 debug ^4.4.0 escape-string-regexp ^5.0.0 fast-glob ^3.3.3 matcher ^5.0.0 yaml ^2.7.0

Peer Dependencies (0)

There are not dependencies

Dev Dependencies (6)

cross-env ^7.0.3 eslint ^9 eslint-plugin-prettier ^5 jest ^29 nock ^14 prettier ^3

Versions Overview

Last Version

3.4.0

Last Version Released

3 months ago

N. of Versions

This site is an independent open-source project and is not affiliated with, endorsed by, or sponsored by npm, Inc. or GitHub, Inc. The name “npm” is a registered trademark of npm, Inc., used here solely to describe compatibility and reference publicly available npm package data.

📦 pin-github-action

Pin your GitHub Actions to specific versions automatically!

Author

Michael Heap

License

MIT

Unpacked Size

56.88 KB

Packed Size

13.79 KB

Last Activity

3 months ago

Wkly Downloads

322K

Unpacked Size

56.88 KB

Packed Size

13.79 KB

License

MIT

Author

Michael Heap

Last Activity

3 months ago

Dependencies Overview

Dependencies (7)

@octokit/rest ^21 commander ^13 debug ^4.4.0 escape-string-regexp ^5.0.0 fast-glob ^3.3.3 matcher ^5.0.0 yaml ^2.7.0

Peer Dependencies (0)

There are not dependencies

Dev Dependencies (6)

cross-env ^7.0.3 eslint ^9 eslint-plugin-prettier ^5 jest ^29 nock ^14 prettier ^3

Versions Overview

Last Version

3.4.0

Last Version Released

3 months ago

N. of Versions

Security Overview

Vulnerabilities

Last Version with Vulnerabilities

N/A

Vulnerabilities Tracker

Historycal data about package vulnerabilities across all the stable versions

Vulnerabilites Summary

The `pin-github-action` npm package shows no reported security vulnerabilities across versions 1.0.0 through 3.4.0, indicating a strong security record for this action.

Complete Security Overview

Popularity Overview

GH Stars

GH Forks

GH Watchers

Downloads History

Historycal data about package downloads in the last 18 months

Package Summary

This action pins a GitHub Action to a specific commit SHA, enhancing security and reliability. It verifies the action isn't a tag or branch, then updates the workflow YAML file accordingly. Ideal for projects requiring reproducible builds and protection against malicious updates by compromised action versions, ensuring consistent and dependable workflows across your repository. Pinning action versions mitigates supply chain risks and promotes stable, predictable CI/CD pipelines.

Security Overview

Vulnerabilities

Last Version with Vulnerabilities

N/A

Vulnerabilities Tracker

Historycal data about package vulnerabilities across all the stable versions

Vulnerabilites Summary

The `pin-github-action` npm package shows no reported security vulnerabilities across versions 1.0.0 through 3.4.0, indicating a strong security record for this action.

Complete Security Overview

📦 pin-github-action

Dependencies Overview

Dependencies (7)

Peer Dependencies (0)

Dev Dependencies (6)

Versions Overview

📦 pin-github-action

Dependencies Overview

Dependencies (7)

Peer Dependencies (0)

Dev Dependencies (6)

Versions Overview

Security Overview

Vulnerabilities Tracker

Vulnerabilites Summary

Popularity Overview

Downloads History

Package Summary

Release Frequency

Popularity Overview

Downloads History

Security Overview

Vulnerabilities Tracker

Vulnerabilites Summary