[Feature] Enable Release Immutability GitHub Feature

Open Clint-Chester opened this issue 3 weeks ago • 0 comments

Is this feature missing in the latest version?

  • [x] I'm using the latest release

Is your feature request related to a problem? Please describe.

Our security scanners, when using the GitHub Action, detect that not having immutable releases is a security vulnerability. Example below (unfortunately the code scanner uses this repository as an example):

Image

Describe the solution you'd like?

Enable release immutability in the settings of this GitHub repository:

Image

You can read more about it here: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/immutable-releases

Describe alternatives you've considered?

We could switch to referencing commit SHAs as an alternative, but it wouldn't be a nice way for people to easily identify the version of the action currently being used. Enabling release immutability will allow people to quickly check the version of the action they're using.

Anything else?

No response

Code of Conduct

  • [x] I agree to follow this project's Code of Conduct

Clint-Chester, Dec 02 '25 09:12
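
An added example, not part of the original issue or the project's code: a small Python audit of workflow `uses:` references that separates full commit SHA pins from tag or branch references, and checks whether a SHA pin keeps a trailing version comment so the version stays readable. The workflow text, action names and status labels are constructed for illustration.

```python
import re

# Constructed sample workflow; the action names are placeholders, not real repositories.
SAMPLE_WORKFLOW = """\
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: example-org/checkout-action@v4
      - uses: example-org/scan-action@0123456789abcdef0123456789abcdef01234567 # v2.1.0
      - uses: example-org/lint-action@89abcdef0123456789abcdef0123456789abcdef
      - uses: example-org/deploy-action@main
      - uses: ./.github/actions/local-step
      - uses: docker://alpine:3.19
"""

# A `uses:` key, its (optionally quoted) reference, and an optional trailing comment.
USES = re.compile(r"^\s*(?:-\s*)?uses:\s*['\"]?([^'\"\s#]+)['\"]?\s*(?:#\s*(.*))?$")
FULL_SHA = re.compile(r"[0-9a-f]{40}")  # full commit SHA, not an abbreviated one


def classify(ref, comment):
    """Label one reference (the labels are this example's own, not GitHub's)."""
    if ref.startswith(("./", "docker://")):
        return "skipped"  # local actions and container images carry no Git ref
    _, sep, version = ref.rpartition("@")
    if not sep:
        return "no-ref"
    if FULL_SHA.fullmatch(version):
        # A commit SHA cannot be repointed; the comment records the human version.
        return "sha-pinned" if comment else "sha-pinned-no-version-comment"
    # A tag or branch name. Whether the tag can be moved depends on the action
    # repository's release settings, which a workflow file cannot show.
    return "tag-or-branch"


def audit(workflow_text):
    """Return (line number, reference, status, comment) for every `uses:` line."""
    findings = []
    for lineno, line in enumerate(workflow_text.splitlines(), 1):
        match = USES.match(line)
        if match:
            ref, comment = match.group(1), (match.group(2) or "").strip()
            findings.append((lineno, ref, classify(ref, comment), comment))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_WORKFLOW):
        print(*finding, sep="\t")
```
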