trendvis icon indicating copy to clipboard operation
trendvis copied to clipboard
verified publisher icon matplotlib

CI: Harden GHA configuration

Open tacaswell opened this issue 8 months ago • 1 comments

Apply recommended hardening steps including:

  • pinning to a SHA any actions used
  • not persisting the read token on checkout
  • setting the default permissions
  • adding a depandabot file for GHA

tacaswell avatar Jul 18 '25 16:07 tacaswell

I did not do any updating as part of this wave of PRs. The plan in my head was to rely on dependabot to fix that in a second pass.

tacaswell avatar Jul 22 '25 13:07 tacaswell