Pin actions

[danewilson]

Pin the actions by their commit SHA so this action can be used in repositories that require all actions to be pinned.

[ulgens]

Any chance we pin to patch versions before pin hashing? Otherwise, automatic updates don't update the version comment and it gets harder to understand if their release changed or they released something new.

[awalsh128]

@danewilson or @ulgens can you do me a favor and test this against version acb598e5ddbc6f68a970c5da0688d2f3a9f04d05 of this action?

Also, would be interested to see the release process for new pins that point to stable builds.

[danewilson]

I've tested this change in our own fork for what it's worth. If you're looking for a way to automate updating these digests then I can recommend Renovate.

[danewilson]

@awalsh128 Can we get a new release containing these changes please?

[awalsh128]

There was a new feature release for 3rd party PPA so I was holding off. I cut a new version at v1.6.0 though that you can use as a published action. I'll graduate it to the floating tags later but I don't think this is an issue for you since you are pinning all of your actions.

https://github.com/awalsh128/cache-apt-pkgs-action/releases/tag/v1.6.0