rules:
  excessive-permissions:
    disable: true
  dangerous-triggers:
    ignore:
      - build_images.yml
  unpinned-uses:
    config:
      policies:
        actions/*: ref-pin