Fix safeFilename function to hash input to prevent leaking sensitive data to filesystem #27
Description
Using uses: https://${{ secrets.USER }}:${{ secrets.PASS }}@host.tld/repo.git will leak credentials as plaintext to filesystem via actions cache
act-cli/pkg/runner/step_action_remote.go
Line 124 in afbf79f
https://gitea.com/gitea/act/pulls/117/files
https://gitea.com/pj/act/commit/b6450c7f71210cf9988deae3a84d41efb28eae77