mirror of
https://github.com/imjasonh/krust
synced 2026-07-08 06:45:32 +00:00
- Pin all GitHub Actions to specific commit SHAs for immutability - Add cargo-audit job to CI pipeline for vulnerability scanning - Create SECURITY.md with vulnerability reporting guidelines - Add Dependabot configuration for automated dependency updates - Weekly updates for both Cargo and GitHub Actions - Grouped patch and minor updates for Cargo dependencies - Update job dependencies to run security checks before integration tests This improves the project's security posture by: 1. Preventing action hijacking through SHA pinning 2. Catching known vulnerabilities early with cargo-audit 3. Providing clear security reporting channels 4. Automating dependency updates to reduce security debt 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| workflows | ||
| dependabot.yml | ||