mirror of
https://github.com/chainguard-dev/clog
synced 2026-07-06 22:12:46 +00:00
[StepSecurity] Apply security best practices
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
This commit is contained in:
parent
b5e6d19489
commit
d4121b5aec
1 changed files with 8 additions and 0 deletions
8
.github/workflows/go.yml
vendored
8
.github/workflows/go.yml
vendored
|
|
@ -9,11 +9,19 @@ on:
|
|||
pull_request:
|
||||
branches: [ "main" ]
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Harden the runner (Audit all outbound calls)
|
||||
uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
|
||||
with:
|
||||
egress-policy: audit
|
||||
|
||||
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
||||
|
||||
- name: Set up Go
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue