Feature Request: githubaction autodiscovery should allow for pinning version to commit hash

### Is your feature request related to a problem?

Currently our company policies requires that github actions should be pinned by release commit hash.

e.g.:

> The commit hash for https://github.com/actions/setup-node/releases/v4.1.0 is 39370e3970a6d050c480ffad4ff0ed4d3fdee5af. When pinning, the Action's definition would be: - uses: `actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af`.

### Solution you'd like

The githubaction autodiscovery plugin should allow users to specify how to resolve an action version (branch, tag, release, commit)

- [x] `githubrelease` should allow output in hash or name (`key`)
- [x] `gitbranch` should allow output in hash or name (`key`)
- [x] `githubaction` autodiscovery should accept a `digest` parameter

### Alternatives you've considered

_No response_

### Anything else?

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Feature Request: githubaction autodiscovery should allow for pinning version to commit hash #3507

Is your feature request related to a problem?

Solution you'd like

Alternatives you've considered

Anything else?

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

Feature Request: githubaction autodiscovery should allow for pinning version to commit hash #3507

Description

Is your feature request related to a problem?

Solution you'd like

Alternatives you've considered

Anything else?

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions