devitway 7df118d488 security: harden OpenSSF Scorecard compliance ...

- Pin all GitHub Actions by SHA hash (Pinned-Dependencies)
- Add top-level permissions: read-all (Token-Permissions)
- Add explicit job-level permissions (least privilege)
- Add OpenSSF Scorecard workflow with weekly schedule
- Publish scorecard results to scorecard.dev and GitHub Security tab

2026-03-17 10:30:15 +00:00

6.6 KiB

Raw Blame History

View Raw