ci: Harden GitHub Actions workflows #1

Open
gcl-sekoia wants to merge 3 commits into SEKOIA-IO:main from gcl-sekoia:gha-security/harden
@gcl-sekoia

Summary

  • Configure Dependabot for GitHub Actions (weekly, 14-day cooldown, grouped version updates)
  • Pin actions to commit SHAs (14-day minimum age)
  • Least-privilege permissions (deny-all at workflow level, minimal job-level grants)

gcl-sekoia marked this pull request as ready for review March 24, 2026 11:47
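
A check a reviewer could run against the second and third items of the summary above, as an added example that is not part of this pull request or the SEKOIA-IO repository: it flags `uses:` references that are not pinned to a full commit SHA and workflows without a deny-all top-level `permissions: {}`. The sample workflows, the action names and the 40-character SHA are constructed placeholders, and the check does not cover the 14-day minimum age.

```python
import re

# A step's or reusable workflow's reference: "uses: owner/repo@ref"
USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*['\"]?([^\s'\"#]+)")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")
# Top-level key only: job-level grants are indented and do not match.
PERMS_RE = re.compile(r"^permissions:\s*(.*?)\s*(?:#.*)?$")

def audit_workflow(text):
    """Return findings for one workflow file, in line order."""
    findings, top_perms = [], None
    for lineno, line in enumerate(text.splitlines(), 1):
        perms = PERMS_RE.match(line)
        if perms:
            top_perms = perms.group(1)
        uses = USES_RE.match(line)
        if not uses:
            continue
        ref = uses.group(1)
        # Local actions and docker:// images carry no git ref to pin.
        if ref.startswith(("./", "docker://")):
            continue
        if not FULL_SHA_RE.match(ref.partition("@")[2]):
            findings.append(f"line {lineno}: {ref} is not pinned to a full commit SHA")
    if top_perms is None:
        findings.append("workflow: no top-level permissions block")
    elif top_perms != "{}":
        findings.append("workflow: top-level permissions is not the deny-all '{}'")
    return findings

# Constructed samples; action names and the SHA are placeholders.
WEAK = """\
on: push
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: example-org/checkout-action@v4
      - uses: example-org/build-action@main
"""
HARDENED = """\
on: push
permissions: {}
jobs:
  build:
    runs-on: ubuntu-latest
    permissions: {contents: read}
    steps:
      - uses: example-org/checkout-action@0123456789abcdef0123456789abcdef01234567  # v4
"""
```

`audit_workflow(WEAK)` reports both tag and branch references plus the missing top-level block; `audit_workflow(HARDENED)` returns an empty list.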