
Potential Security Enhancements for fmdb

Open ITGoodMan opened this issue 9 months ago • 0 comments

Hi fmdb Maintainers,

I'm reaching out because I appreciate your work on fmdb. As open-source security is a growing concern, I'd like to suggest some improvements based on the OpenSSF Scorecard best practices:

- Token Permissions: Consider implementing explicit token permissions within the workflow to avoid over-permissioning vulnerabilities.
- Branch Protection & Code Review: Enabling branch protection rules and code reviews can minimize the risk of introducing vulnerabilities. Refer to your repository settings for configuration options.
- Static Application Security Testing (SAST): Implementing SAST tools can help detect vulnerabilities early in the development lifecycle.
- Dependency Update Tool: Utilizing a dependency update tool ensures your project uses the latest secure library versions.
- Security Policy: Defining a comprehensive security policy (SECURITY.md) with vulnerability reporting guidelines, coding standards, and response procedures is recommended.

For more information on specific checks, see the OpenSSF Scorecard documentation: Link to Documentation

ITGoodMan Apr 14 '25 02:04
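The "Token Permissions" item above is the one concrete workflow change in the list, so here is what it looks like in practice. This is an added example, not fmdb's own CI configuration and not part of the issue: a GitHub Actions workflow that scopes the automatic GITHUB_TOKEN to read-only by default and raises a single scope on the one job that needs it. The workflow name, the `master` branch, the `FMDB` scheme and the PR-comment job are assumptions chosen to illustrate the pattern; substitute the project's real build steps.

```yaml
# Added example (not fmdb's own workflow). Assumed: the project builds with
# xcodebuild, the shared scheme is named "FMDB", and the default branch is
# "master". Adjust these to the real values.
name: ci

on:
  pull_request:
  push:
    branches: [master]

# Without an explicit `permissions` key the GITHUB_TOKEN inherits the
# repository's default, which on older repositories is read/write for every
# scope. Setting a read-only default at the top level means a compromised
# step or a malicious third-party action in any job cannot push commits,
# publish releases or edit issues unless a job below asks for that scope.
permissions:
  contents: read

jobs:
  build:
    runs-on: macos-latest
    steps:
      - uses: actions/checkout@v4
      - name: Build and run the test suite
        run: xcodebuild -scheme FMDB -destination 'platform=macOS' test

  # Only the job that writes a PR comment gets a write scope, and only that
  # one scope. Listing `contents: read` again is deliberate: a job-level
  # `permissions` block replaces the workflow-level one rather than adding
  # to it, so anything not repeated here drops to "none".
  report:
    needs: build
    if: github.event_name == 'pull_request'
    runs-on: ubuntu-latest
    permissions:
      contents: read
      pull-requests: write
    steps:
      - uses: actions/checkout@v4
      - name: Comment on the pull request
        run: gh pr comment "$PR_NUMBER" --body "CI build and tests passed"
        env:
          GH_TOKEN: ${{ github.token }}
          PR_NUMBER: ${{ github.event.pull_request.number }}
```

Two caveats when adopting this. First, for `pull_request` events raised from forks GitHub already forces the token to read-only regardless of the `permissions` block, so the `report` job will fail on fork PRs unless it is restricted to same-repository branches or moved to a `pull_request_target` flow with its own care. Second, the read-only default only limits what the token can do; it does not stop a job from exfiltrating secrets it is handed, so keep `secrets:` out of jobs that run untrusted code.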