Expand description
Pinner is a high-performance utility for securing CI/CD workflows by pinning
mutable tags (like @v1) to immutable commit SHAs.
It supports GitHub Actions, GitLab CI/CD, Bitbucket Pipelines, Forgejo, and OCI container registries. It uses a precise AST-based parser to ensure that YAML formatting and comments are preserved.
Re-exports§
pub use cli::Cli;pub use cli::Commands;pub use error::PinnerError;pub use patcher::Formatter;pub use patcher::Patcher;pub use resolver::CachedProvider;pub use resolver::RegistryProvider;pub use resolver::RemoteProvider;pub use resolver::Resolver;pub use scanner::Scanner;
Modules§
- cli
- CLI argument parsing and command definitions.
- config
- Configuration management for Pinner.
- core
- The core module defines the central domain models and traits used throughout Pinner.
- error
- patcher
- The patcher module is responsible for applying identified dependency updates to the source files while strictly preserving formatting and comments.
- resolver
- The resolver module is responsible for mapping symbolic dependency references
(like
@v3or:latest) to immutable hashes (like SHA-1 or digests). - scanner
- The scanner module is responsible for traversing the file system and parsing CI/CD workflow files to identify dependencies that need updating.
Structs§
- Pipeline
- The central orchestration point for the Pinner pipeline.
Functions§
- init_
project - Initializes a new
.pinner.tomlconfiguration file with sensible defaults. - init_
project_ with_ selection - Initializes a new
.pinner.tomlconfiguration file with sensible defaults, using the specified selection for vetted Actions. - install_
git_ hook - run