Is your feature request related to a problem? Please describe.
The majority of the official actions/ actions all publish immutable actions (see actions/checkout for example), it'd be great if this one could also be so we don't have to pin to the full length commit SHA if we want immutability.
Describe the solution you'd like
- Add an immutable action publish workflow
- Add the action to codeql's immutable actions list so it doesn't get flagged by the CWE-829 rule
Describe alternatives you've considered
N/A
Additional context
Happy to make the PRs for this.
Is your feature request related to a problem? Please describe.
The majority of the official
actions/actions all publish immutable actions (seeactions/checkoutfor example), it'd be great if this one could also be so we don't have to pin to the full length commit SHA if we want immutability.Describe the solution you'd like
Describe alternatives you've considered
N/A
Additional context
Happy to make the PRs for this.