Limit GitHub Actions to Verified or Trusted Actions
Use Case​
- Incubating: expected
- Active: expected
- Retiring: n/a
Description​
GitHub Actions Should Be Limited To Verified or Explicitly Trusted Actions
Details​
- Implementation Status: pending
- C-SCRM: true
- Priority Group: P10
- Mitre: CWE-1357
- Sources: OpenSSF SCM Best Practices
- How To: Github Docs
- Created at 2024-12-11T23:03:52.941Z
- Updated at 2024-12-11T23:03:52.941Z