This update aligns with Microsoft's security guidelines by pinning all GitHub Action tags and Docker tags to their full-length commits. This practice ensures immutability and reduces the risk of supply chain attacks. Note that 1st and 2nd party actions do not require hash pinning.
