A tool for securing CI/CD workflows with version pinning.
Ratchet is a tool for improving the security of CI/CD workflows by automating the process of pinning and unpinning upstream versions. It's like Bundler, Cargo, Go modules, NPM, Pip, or Yarn, but for CI/CD workflows. Ratchet supports GitHub Actions & Google Cloud Build.
Ratchet is a tool for improving the security of CI/CD workflows by automating the process of pinning and unpinning upstream versions. It's like Bundler, Cargo, Go modules, NPM, Pip, or Yarn, but for CI/CD workflows. Ratchet supports GitHub Actions & Google Cloud Build.
To install ratchet, run the following command in macOS terminal (Applications->Utilities->Terminal)
sudo port install ratchet
To see what files were installed by ratchet, run:
port contents ratchet
To later upgrade ratchet, run:
sudo port selfupdate && sudo port upgrade ratchet
Reporting an issue on MacPorts Trac
The MacPorts Project uses a system called Trac to file tickets to report bugs and enhancement requests.
Though anyone may search Trac for tickets, you must have a GitHub account in order to login to Trac to create tickets.