Use GitHub Immutable Releases #195
Description
GitHub recently made Immutable releases generally available (blog post), adding a new layer of supply chain security.
Using immutable releases for a GitHub Action package ensures stability, consistency, and trust for everyone who depends on it. When releases cannot be altered once published, users are guaranteed that a given version tag always refers to the exact same code, eliminating the risk of unexpected behavior caused by silent changes. This leads to more reliable builds, easier debugging, and a predictable upgrade path for downstream projects. Immutable releases also encourage better versioning practices, improve supply chain security, and help maintain a transparent history of changes over time.
GPT Sales Pitch 🤖