FICHA · AUR

pinact

CLI to pin GitHub Actions and Reusable Workflows to full hashes

  • CI security tool
  • CLI
  • Launchable
  • Runs in terminal
official+codex · reviewed · Jun 3, 2026 description in en

Description

GitHub Actions workflows can be pinned to full commit hashes. This command-line security tool is useful for maintainers who want reproducible CI dependencies and less exposure to mutable action tags or reusable workflow references. It is run from a terminal with the pinact command. The tool rewrites workflow files, so review diffs carefully to avoid breaking CI triggers or trusted automation.

How to run

pinact

Commands: pinact

Permissions

Permissions not analysed for this source yet.