Skip to content

chore: [StepSecurity] Apply security best practices#2498

Draft
stepsecurity-app[bot] wants to merge 2 commits intomainfrom
chore/GHA-172030-stepsecurity-remediation
Draft

chore: [StepSecurity] Apply security best practices#2498
stepsecurity-app[bot] wants to merge 2 commits intomainfrom
chore/GHA-172030-stepsecurity-remediation

Conversation

@stepsecurity-app
Copy link
Copy Markdown
Contributor

@stepsecurity-app stepsecurity-app bot commented Mar 17, 2026

Summary

This pull request has been generated by StepSecurity as part of your enterprise subscription to ensure compliance with recommended security best practices. Please review and merge the pull request to apply these security enhancements.

Security Fixes

Pinned Dependencies

Pinning GitHub Actions to specific versions or commit SHAs ensures that your workflows remain consistent and secure.
Unpinned actions can lead to unexpected changes or vulnerabilities caused by upstream updates.

StepSecurity Maintained Actions

Risky GitHub Actions can expose your project to potential security risks. Risky actions have been replaced with StepSecurity maintained actions, that are secure drop-in replacements.

Feedback

For bug reports, feature requests, and general feedback; please create an issue in step-security/secure-repo or contact us via our website.

@stepsecurity-app stepsecurity-app bot requested review from a team as code owners March 17, 2026 20:30
@stepsecurity-app stepsecurity-app bot requested a review from rbarker-dev March 17, 2026 20:30
@codecov
Copy link
Copy Markdown

codecov bot commented Mar 17, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 99.95%. Comparing base (8864ec8) to head (e221715).

Additional details and impacted files

Impacted file tree graph

@@           Coverage Diff           @@
##             main    #2498   +/-   ##
=======================================
  Coverage   99.95%   99.95%           
=======================================
  Files         182      182           
  Lines        7201     7201           
  Branches     1399     1413   +14     
=======================================
  Hits         7198     7198           
  Misses          3        3

Impacted file tree graph

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@steven-sheehy steven-sheehy marked this pull request as draft April 1, 2026 15:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rbarker-dev rbarker-dev Awaiting requested review from rbarker-dev rbarker-dev is a code owner automatically assigned from hashgraph/platform-ci

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jbair06