Closed
Description
Issue description / feature objectives
Review and apply security fixes to GitHub Actions Workflows. The scorecard remediation action documents an option to fix multiple issues at one time by visiting https://app.stepsecurity.io/secureworkflow.
Completion Criteria
- Scorecard: Pin third-party actions to a full length commit SHA
- Scorecard: Set top-level permissions for
GITHUB_TOKEN
Metadata
Metadata
Assignees
Labels
Type
Projects
Status
Done