Lockdown untrusted workflows

fix(ci): OSSF Changes #350

Sign in to view logs

Triggered via pull request February 14, 2025 13:39

sthulb

opened #1769

ossf

Status Failure

Total duration 13s

Artifacts –

secure_workflows.yml

on: pull_request

Harden Security

Annotations

2 errors

Harden Security

google/osv-scanner-action/.github/workflows/[email protected] is not pinned to a full length commit SHA.

Harden Security

At least one workflow contains an unpinned GitHub Action version.