Getting Started

Secure your CI/CD pipelines in minutes with this comprehensive guide to Pinner.

1 Installation

Choose the installation method that best fits your environment.

Shell (macOS & Linux)

curl -LsSf https://raw.githubusercontent.com/ffalcinelli/pinner/main/install.sh | sh

PowerShell (Windows)

powershell -ExecutionPolicy ByPass -c "irm https://raw.githubusercontent.com/ffalcinelli/pinner/main/install.ps1 | iex"

Cargo (Rust)

cargo install pinner

2 Pin Your First Workflow

Navigate to your repository and run the pin command. By default, Pinner looks for files in .github/workflows/.

$ pinner pin

Searching for workflows in .github/workflows/...

Found 2 workflow files.

actions/checkout@v4 -> actions/checkout@8f4b7f84... # v4

Successfully pinned 3 actions! ✅

Tip: Use --dry-run to see changes without writing to files.

3 Verify in CI

Prevent unpinned actions from being merged into your codebase by adding Pinner to your CI pipeline.

name: Pinning Check
on: [pull_request]

jobs:
  verify-pinning:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v4
      - name: Install Pinner
        run: curl -LsSf https://raw.githubusercontent.com/ffalcinelli/pinner/main/install.sh | sh
      - name: Verify Pinning
        run: pinner verify

Next Steps