It would be good to review https://cheatsheetseries.owasp.org/cheatsheets/GitHub_Actions_Security_Cheat_Sheet.html and make sure we're following all of the best practices.
This issue is also a good chance for someone to learn about all of the various security foot-guns of GHA.