You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Immutable actions are a way to publish custom GitHub Actions as OCI artifacts in the GitHub container registry, as opposed to git refs. They give some better security guarantees than existing actions:
Provenance attestations generated using the @actions/attest package
Tag immutability - it will not be possible to overwrite tags once published, ensuring versions of an action can't change once in use
Namespace immutability - it will not be possible to delete and recreate the package with different content; this would undermine tag immutability
Currently, immutable actions are in preview, but I think it's worth investigating.
Immutable actions are a way to publish custom GitHub Actions as OCI artifacts in the GitHub container registry, as opposed to git refs. They give some better security guarantees than existing actions:
Currently, immutable actions are in preview, but I think it's worth investigating.
References:
The text was updated successfully, but these errors were encountered: