Hi! I'd like to request that this repo be migrated to use immutable releases. Following the trivy supply chain compromise (https://www.aquasec.com/blog/trivy-supply-chain-attack-what-you-need-to-know/), it has been abundantly clear that this should occur on all github actions as a defense-in-depth measure to prevent tampering with github actions if a future supply chain compromise occurs. Can this be done?
Hi! I'd like to request that this repo be migrated to use immutable releases. Following the trivy supply chain compromise (https://www.aquasec.com/blog/trivy-supply-chain-attack-what-you-need-to-know/), it has been abundantly clear that this should occur on all github actions as a defense-in-depth measure to prevent tampering with github actions if a future supply chain compromise occurs. Can this be done?