caddy icon indicating copy to clipboard operation
caddy copied to clipboard
verified publisher icon caddyserver

chore: apply security best practices for CI

Open mohammed90 opened this issue 7 months ago • 1 comments

We need to pay close attention here to ensure nothing will break.

Supersedes / Closes #7065

mohammed90 avatar Jun 13 '25 21:06 mohammed90

Good enough for me for now. It resolves many concerns. We can audit outbound calls here: https://app.stepsecurity.io/github/caddyserver/actions/runs. Resolving the scorecard generation for PRs can be tackled later.

mohammed90 avatar Jun 13 '25 22:06 mohammed90