statuses icon indicating copy to clipboard operation
statuses copied to clipboard

Published 20 hours ago verified publisher icon jshttp

chore: pin dependencies and specify permissions in the pipeline

Open inigomarquinez opened this issue 1 year ago • 0 comments

Main Changes

This change includes the pinning for the GitHub Actions dependencies and the permissions definition for the pipeline.

Impact in the OSSF Scorecard

Captura de pantalla 2024-03-14 a las 21 18 47 Captura de pantalla 2024-03-14 a las 21 18 59

Context

Changes related

Team discussion related

  • Ref: https://github.com/expressjs/security-wg/issues/2
  • Report: https://kooltheba.github.io/openssf-scorecard-api-visualizer/#/projects/github.com/jshttp/statuses/commit/454ceb6e0bfea4f889be244de2538df8afb4dc2a

inigomarquinez avatar Mar 14 '24 20:03 inigomarquinez