Closed bjosv closed 5 months ago
Sounds awesome! Looks great!
Sorry for the edits in the PR title/headline, the PR somehow got submitted before it was ready .. The touchpad probably needs to be replaced :) I'll look into the coveralls problem this triggered before merging.
Improve security for CI runs according to OpenSSF recommendations:
Add dependabot for automated dependency updates https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool
Pin versions of Github actions in CI https://github.com/ossf/scorecard/blob/main/docs/checks.md#pinned-dependencies
Set read-only permission for Github Actions in CI https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions