Dependabot will automatically open PRs to update dependencies. Pinning actions to releases is good for security/stability. Even better would be pinning to specific SHA hashes, but not necessary unless you want to.
Dependabot will automatically open PRs to update dependencies.
Pinning actions to releases is good for security/stability.
Even better would be pinning to specific SHA hashes, but not necessary unless you want to.