
Enable immutable releases

Open roemba opened this issue 3 months ago • 0 comments

The repository currently has no immutable releases. An attacker taking over the repository could modify previous releases and inject malicious software into existing workflows that pull in this plugin on every build.

As a user of this software I would expect that I have to take an action (e.g. upgrading the version of the plugin) before I can be exposed to malicious software.

Proposed Solution

Use immutable releases. A simple setting that prevents releases from being edited after they are created.

See https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/preventing-changes-to-your-releases for how it can be enabled.

roemba, Nov 24 '25 14:11
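The consumer-side counterpart to the setting proposed above, as an added example that is not part of the issue or the plugin's own code: a workflow that pins the release asset it pulls by SHA-256, so an asset that changes after the release was published fails the build instead of being run. The asset name, the constructed file contents and the pinned digest are assumptions for the demo.

```shell
#!/bin/sh
# Added example (not from the issue): a consuming workflow pins the plugin
# release asset by SHA-256, so a release edited after the fact fails
# verification instead of being pulled into the build unnoticed.
# Asset names and pinned digest below are constructed for the demo.

sha256_of() {
    # Portable digest helper: coreutils sha256sum or BSD shasum.
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# verify_asset FILE EXPECTED_SHA256: returns 0 if FILE matches the pinned digest, 1 otherwise.
verify_asset() {
    actual=$(sha256_of "$1")
    if [ "$actual" = "$2" ]; then
        return 0
    fi
    echo "digest mismatch for $1: expected $2, got $actual" >&2
    return 1
}

# Constructed stand-ins for an asset downloaded from the plugin's release page.
demo_dir=$(mktemp -d)
ASSET="$demo_dir/plugin-v1.2.3.jar"
TAMPERED="$demo_dir/plugin-v1.2.3-modified.jar"
printf 'hello\n' > "$ASSET"                 # contents when the workflow adopted v1.2.3
printf 'hello\nextra code\n' > "$TAMPERED"  # same asset after the release was edited

# Digest recorded in the consuming repository when v1.2.3 was first adopted
# (this is the SHA-256 of the constructed content "hello\n").
PINNED_SHA256=5891b5b522d5df086d0ff0b110fbd9d21bb4fc7163af34d08286a2e846f6be03

if verify_asset "$ASSET" "$PINNED_SHA256"; then
    echo "ok: $ASSET matches the pinned digest"
fi
if ! verify_asset "$TAMPERED" "$PINNED_SHA256"; then
    echo "refused: $TAMPERED does not match the pinned digest"
fi
```

Updating the pinned digest is then the deliberate action a consumer takes when upgrading the plugin version, which is the expectation stated in the issue.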