Pin CI workflow actions and images with Ratchet
Audit and rewrite CI/CD workflow references so agents can pin mutable actions, containers, and images to immutable versions before changes land.
What it does
Pin CI workflow actions and images with Ratchet
Audit and rewrite CI/CD workflow references so agents can pin mutable actions, containers, and images to immutable versions before changes land.
Prerequisites
Ratchet CLI; repository CI YAML files; optional GITHUB_TOKEN for private GitHub resolution
Installation
Use the upstream install or setup path that matches your environment:
- Cargo, Go modules, NPM, Pip, or Yarn, but for CI/CD workflows. Ratchet supports:
- Docker tags are mutable. This poses a substantial security and reliability risk.
- brew install ratchet
- go install github.com/sethvargo/ratchet@latest
Requirements and caveats from upstream:
- Compiled from source yourself. Note this option is not supported.
- container or Docker-based references.
Basic usage or getting-started notes:
-
There are a few options for installing ratchet:
-
Via homebrew:
-
sh
-
Extracted from upstream docs: https://raw.githubusercontent.com/sethvargo/ratchet/HEAD/README.md
Documentation
Source
Capabilities
Install
Quality
deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,220 chars)