Yes, true, but at least the fire won't spread through this one point. Hopefully all of your upstreams can be persuaded to pin also.
replyDoesn't a single compromised action in the chain cause the whole to be fucked? Pinning the top level doesn't prevent any spread.
replyMight want to vendor everything?
replyWell, it is a git commit hash of the action repo that contains the transpiled/bundled javascript.
replyLike: https://github.com/actions/checkout/tree/11bd71901bbe5b1630c...
So I'm pretty sure that for the same commit hash, I'll be executing the same content.
This is true specifically for actions/checkout, but composite actions can have other actions as dependencies, and unless the composite action pins the versions of its dependencies, it is vulnerable for this attack.
replyThis article[0] gives a good overview of the challenges, and also has a link to a concrete attack where this was exploited.
[0]: https://nesbitt.io/2025/12/06/github-actions-package-manager...