Update your GitHub Actions with Dependabot while using secure SHA Commit pinning while maintaining human readable versioning comments.pinned to a SHA
Why do you think that https://github.com/macintoshpie/ghactionsbyexample is a good alternative to dependabot-sha-comment-action