Static Analysis for GitHub Actions
github.comTheir action is also super handy: https://github.com/zizmorcore/zizmor-action
Use pinact (you can brew install it) to pin it by checksum: https://github.com/suzuki-shunsuke/pinact
Their action is also super handy: https://github.com/zizmorcore/zizmor-action
Use pinact (you can brew install it) to pin it by checksum: https://github.com/suzuki-shunsuke/pinact