Hello. I'd like to request that this repo be migrated to use immutable releases. Following the Trivy supply chain compromise. It has been abundantly clear that this should occur on all GitHub actions as a defense-in-depth measure to prevent tampering with GitHub actions if a future supply chain compromise occurs. Can this be done?
Reference: Preventing changes to your releases
Hello. I'd like to request that this repo be migrated to use immutable releases. Following the Trivy supply chain compromise. It has been abundantly clear that this should occur on all GitHub actions as a defense-in-depth measure to prevent tampering with GitHub actions if a future supply chain compromise occurs. Can this be done?
Reference: Preventing changes to your releases