Description
GitHub Actions workflows can be pinned to full commit hashes. This command-line security tool is useful for maintainers who want reproducible CI dependencies and less exposure to mutable action tags or reusable workflow references. It is run from a terminal with the pinact command. The tool rewrites workflow files, so review diffs carefully to avoid breaking CI triggers or trusted automation.