github-prevention v5.2.0 - Added supply chain security objectives for release assets and Actions SHA pinning | Changelog | Guardrails

Introducing PSPM: Preventive Security Posture Management →

github-prevention v5.2.0 - Added supply chain security objectives for release assets and Actions SHA pinning

Mar 27, 2026•GuardrailsMods

What's new?

Added 2 new prevention objectives for supply chain security: prohibit modification of published release assets, and require GitHub Actions to use pinned commit references (SHA pinning).

Prevention Objectives

Prohibit GitHub published release asset modification
Require pinned commit references for GitHub Actions

Prevention Examples

Lock published release assets for GitHub organizations
Require SHA pinning for GitHub Actions in organizations