Item-39
Use Case​
- Incubating: Expected
- Active: Expected
- Retiring: N/A
Description​
GitHub Actions Should Be Limited To Verified or Explicitly Trusted Actions
Details​
- C-SCRM: undefined
- Priority Group: 10
- Mitre: CWE-1357
- Sources: OpenSSF SCM Best Practices
- How To: Github Docs