Conversation

@Sudo-Ivan Sudo-Ivan commented Oct 1, 2025

Hello Liam, again :)

I updated the workflows:

  • Pinned all actions to full-length commit SHAs for better supply-chain security
  • Made the workflows link to dynamic repository references.

Example commands to get or verify a SHA:

# SHA that the v1 tag points at. Caveat: for an annotated tag this is the tag object, not the commit; check "type" in the response and, if it is "tag", dereference it through /git/tags/<sha>.
curl -s "https://api.github.com/repos/ncipollo/release-action/git/refs/tags/v1" | grep '"sha"' | head -1 | cut -d'"' -f4

# For every SHA-pinned action in build.yml, confirm GitHub knows the commit (prints NOT FOUND instead of running entries together when the lookup returns no SHA).
grep -oP 'uses:\s*[^@]+@[a-f0-9]{40}' .github/workflows/build.yml | sed 's/uses:\s*//' | sort | uniq | while IFS='@' read -r repo sha; do printf '%s' "$repo@$sha -> "; curl -s "https://api.github.com/repos/$repo/commits/$sha" | grep '"sha"' | head -1 | cut -d'"' -f4 | grep . || echo "NOT FOUND"; done

Let me know if you want changes or if this is not something you want.
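The two checks described in the comment above, as an added example that is not the PR's own code (the helper names audit_workflow, object_field and commit_sha_from_ref, the octo-org placeholders and every SHA in the sample workflow and sample JSON are constructed for this illustration): a POSIX sh audit that classifies each `uses:` reference in a workflow as PINNED (40-hex commit SHA, or a docker:// image pinned by sha256 digest), SHORT (abbreviated hex, still mutable), UNPINNED (tag or branch) or LOCAL, and a tag resolver that dereferences annotated tags, because for those the ref API's "sha" is the tag object rather than the commit.

```shell
#!/bin/sh
# Added example (not the PR's own code): helpers for pinning GitHub Actions
# to full-length commit SHAs. audit_workflow works offline on a workflow
# file; commit_sha_from_ref calls the GitHub REST API. POSIX sh + awk/sed,
# no jq required.

# audit_workflow FILE
# Prints "STATUS<TAB>reference<TAB>trailing comment" for every `uses:` line:
#   PINNED    full 40-hex commit SHA, or docker://image@sha256:<digest>
#   SHORT     abbreviated hex ref: looks pinned but is not full-length
#   UNPINNED  tag or branch (mutable: whoever can move it controls your CI)
#   LOCAL     ./path action inside this repository
# Returns 1 if any reference is SHORT or UNPINNED, else 0.
audit_workflow() {
    awk '
    BEGIN { bad = 0 }
    /^[ \t]*-?[ \t]*uses:/ {
        v = $0
        sub(/^[ \t]*-?[ \t]*uses:[ \t]*/, "", v)
        c = ""
        i = index(v, " #")                 # split off a "# v1.2.3" comment
        if (i > 0) { c = substr(v, i + 2); v = substr(v, 1, i - 1) }
        sub(/[ \t]+$/, "", v)
        sub(/^[ \t]+/, "", c)
        q = substr(v, 1, 1)                # strip YAML quotes around the value
        if (q == "\"" || q == "\047") v = substr(v, 2)
        q = substr(v, length(v), 1)
        if (q == "\"" || q == "\047") v = substr(v, 1, length(v) - 1)
        n = split(v, p, "@")
        ref = (n > 1) ? p[n] : ""
        if (v ~ /^\.\//)              status = "LOCAL"
        else if (v ~ /^docker:\/\//)  status = (ref ~ /^sha256:[0-9a-f]+$/) ? "PINNED" : "UNPINNED"
        else if (length(ref) == 40 && ref ~ /^[0-9a-f]+$/) status = "PINNED"
        else if (length(ref) > 0 && ref ~ /^[0-9a-f]+$/)   status = "SHORT"
        else                          status = "UNPINNED"
        if (status == "UNPINNED" || status == "SHORT") bad++
        printf "%s\t%s\t%s\n", status, v, (c == "" ? "-" : c)
    }
    END { exit (bad > 0) }' "$1"
}

# object_field FIELD   (JSON on stdin)
# Extracts "sha" or "type" from the "object" member of a /git/ref/... or
# /git/tags/... response. Reads only "object" on purpose: the /git/tags
# response also carries a top-level "sha", which is the tag object itself,
# exactly the wrong value to pin.
object_field() {
    tr -d '\n\r' | sed -n "s/.*\"object\": *{[^}]*\"$1\": *\"\([^\"]*\)\".*/\1/p"
}

# commit_sha_from_ref OWNER/REPO TAG   (network: GitHub REST API)
# Prints the commit SHA a tag points at. A lightweight tag's ref already
# names the commit; an annotated tag's ref names a tag object, which has to
# be dereferenced through /git/tags/<sha> to reach the commit.
commit_sha_from_ref() {
    json=$(curl -sf "https://api.github.com/repos/$1/git/ref/tags/$2") || return 1
    sha=$(printf '%s' "$json" | object_field sha)
    if [ "$(printf '%s' "$json" | object_field type)" = "tag" ]; then
        json=$(curl -sf "https://api.github.com/repos/$1/git/tags/$sha") || return 1
        sha=$(printf '%s' "$json" | object_field sha)
    fi
    [ -n "$sha" ] && printf '%s\n' "$sha"
}
# e.g. commit_sha_from_ref ncipollo/release-action v1

# Constructed API responses in the shape GitHub returns (placeholder SHAs,
# not real data), so object_field can be exercised offline.
sample_ref_json() {
    printf '%s' '{"ref":"refs/tags/v1","object":{"sha":"1111111111111111111111111111111111111111","type":"tag","url":"x"}}'
}
sample_tag_json() {
    printf '%s' '{"sha":"1111111111111111111111111111111111111111","tag":"v1","object":{"type":"commit","sha":"2222222222222222222222222222222222222222","url":"x"}}'
}

# Constructed workflow (placeholder org and SHAs) mixing every reference kind.
sample_workflow() {
    cat <<'EOF'
name: build
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: octo-org/checkout@0123456789abcdef0123456789abcdef01234567 # v4.2.2
      - uses: "octo-org/setup-go@v5"
      - uses: octo-org/release-action@89abcdef0123456789abcdef0123456789abcdef
      - uses: octo-org/cache@0123456
      - uses: ./.github/actions/local-thing
      - uses: docker://alpine:3.20
      - uses: docker://ghcr.io/octo-org/tool@sha256:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
  lint:
    uses: octo-org/reusable/.github/workflows/ci.yml@main
EOF
}

# Offline demo: three PINNED, three UNPINNED, one SHORT, one LOCAL.
tmp=$(mktemp)
sample_workflow > "$tmp"
audit_workflow "$tmp" || echo "mutable references found; fix before merging"
rm -f "$tmp"
```

Run audit_workflow over each file under .github/workflows and fail CI on a non-zero status; the third column shows which pins still lack a "# vX.Y.Z" comment, which is what lets a reviewer see at a glance what a 40-hex pin corresponds to. When cross-checking a pin, compare it with the output of commit_sha_from_ref for the intended tag rather than only confirming that the commits endpoint knows the SHA: GitHub also serves commits that exist only in a repository's fork network, so "the commit exists" is not the same as "the commit is what tag v1 points at".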

@Sudo-Ivan
Author

Just remembered: I need to add uppercase-to-lowercase conversion for ${{ github.repository }}:${{ github.ref_name }}.

@Sudo-Ivan Sudo-Ivan changed the title from "Pin Actions to full-lenght commit SHA" to "Pin Actions to full-length commit SHA" on Oct 2, 2025
@Sudo-Ivan
Author

Should be good now.
