Update your GitHub Actions with Dependabot while using secure SHA Commit pinning while maintaining human readable versioning comments.pinned to a SHA
Why do you think that https://github.com/zgosalvez/github-actions-ensure-sha-pinne is a good alternative to dependabot-sha-comment-action