Pinner

Secures software supply chains by pinning dependencies to immutable versions, resolving GitHub references to commit SHAs and Docker image tags to digests to prevent dependency substitution attacks.