Hacker News new | past | comments | ask | show | jobs | submit login
Show HN: How many GitHub repositories pin their dependencies? (kammel.dev)
1 point by datosh 7 months ago | hide | past | favorite
While researching GitHub Actions security best practices for a talk, I asked myself: "How many GitHub repositories actually pin their dependencies?" As I was not able to find any hard numbers, I went to gather the data myself. The results (and raw data) are available at: http://pin-gh-actions.kammel.dev/ The code is available on GitHub: https://github.com/datosh/pinned-actions in case you want to replicate the data or report any issues.



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: