ratchet

Secures CI/CD workflows by pinning dependency versions

brewmacoslinux

Try with needOr install directly

About

Tool for securing CI/CD workflows with version pinning

ratchet

Pin versions in a GitHub Actions workflow file$ ratchet pin -f .github/workflows/main.yml

Check for unpinned versions in workflow$ ratchet check -f .github/workflows/main.yml

Update pinned versions to latest available$ ratchet update -f .github/workflows/main.yml