Correct. As an attacker you just move one level deeper.
If the target pins their direct actions to commit hashes you compromise a dependency of the action instead. They pinned the top of the tree but you own something in the middle of it.
SolarWinds was not attacked directly. The attackers compromised Orion, a build tool SolarWinds depended on. SolarWinds had decent security on their own code. It did not matter because the attack came through a dependency they trusted and did not control.
The defender has to secure the entire chain. The attacker only has to find one weak link anywhere in it. That asymmetry is why supply chain attacks keep working.
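The "pinned at the top, unpinned in the middle" problem above is checkable. The following is an added example (not code from the original thread): a small audit that walks a workflow's `uses:` references and then, for each composite action, the `uses:` references inside its own `action.yml`, flagging anything not pinned to a full 40-character commit SHA or a container digest. The workflow and the action manifests are constructed sample data embedded inline so the script runs offline; real tooling would fetch each `action.yml` at the pinned commit instead of looking it up in a dictionary.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample workflow: every direct action is pinned to a full commit SHA
# (the SHAs are made up for this example and do not refer to real commits).
WORKFLOW = """
name: ci
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567
      - uses: example-org/composite-lint@89abcdef0123456789abcdef0123456789abcdef
      - uses: ./.github/actions/local-step
"""

# Constructed action manifests, keyed by the exact ref the caller used. A real
# checker would download action.yml from the pinned commit; here they are inline.
ACTION_MANIFESTS: Dict[str, str] = {
    "example-org/composite-lint@89abcdef0123456789abcdef0123456789abcdef": """
name: composite-lint
runs:
  using: composite
  steps:
    - uses: actions/setup-node@v4
    - uses: example-org/inner-tool@fedcba9876543210fedcba9876543210fedcba98
    - run: npm ci
      shell: bash
""",
    "example-org/inner-tool@fedcba9876543210fedcba9876543210fedcba98": """
name: inner-tool
runs:
  using: composite
  steps:
    - uses: some-org/helper@main
""",
}

# Matches "uses: <ref>" lines in workflows and composite action manifests.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)", re.M)
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def parse_uses(manifest: str) -> List[str]:
    """Return every ref named by a uses: line, quotes stripped."""
    return [m.group(1).strip("\"'") for m in USES_RE.finditer(manifest)]


def is_pinned(ref: str) -> bool:
    """True only for a full commit SHA or a container image digest; tags and branches fail."""
    if "@" not in ref:
        return False
    _, version = ref.rsplit("@", 1)
    if version.startswith("sha256:"):  # docker://image@sha256:... is digest-pinned
        return True
    return bool(FULL_SHA_RE.match(version))


def audit(workflow: str, manifests: Dict[str, str]) -> List[Tuple[str, str, bool]]:
    """Walk direct and transitive uses: refs; return (call chain, ref, pinned?) per ref."""
    findings: List[Tuple[str, str, bool]] = []
    seen = set()

    def walk(manifest: str, chain: str) -> None:
        for ref in parse_uses(manifest):
            if ref.startswith("./"):
                continue  # local action in the same repo: same trust boundary as the workflow
            findings.append((chain, ref, is_pinned(ref)))
            if ref in seen:
                continue
            seen.add(ref)
            if ref in manifests:  # composite action: recurse into its own steps
                walk(manifests[ref], chain + " -> " + ref)

    walk(workflow, "workflow")
    return findings


def unpinned_refs(workflow: str, manifests: Dict[str, str]) -> List[str]:
    """Call chains ending in an unpinned ref, anywhere in the tree."""
    return [f"{chain} -> {ref}" for chain, ref, pinned in audit(workflow, manifests) if not pinned]


if __name__ == "__main__":
    print("direct-only view:", unpinned_refs(WORKFLOW, {}))
    for finding in unpinned_refs(WORKFLOW, ACTION_MANIFESTS):
        print("UNPINNED:", finding)
```

Run with only the workflow in scope and it reports nothing, which is the false sense of safety the comment describes; run with the action manifests included and the two unpinned refs inside the composite actions (a floating `v4` tag and a `main` branch) surface with the full call chain that leads to them.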