Closed
Description
Looking at bootc-dev/containers-image-proxy-rs#93
So personally I feel that pinning GitHub Actions by SHA digest is not worth it; unless someone actually reviews changes it's basically security theater.
Also honestly, if we were to pin I think it's the kind of thing that's better done centrally (i.e. we could in theory maintain pins in this repo) or something.
Basically I think let's back off from pinning GHAs.