Please describe the feature you have in mind and explain what the current shortcomings are?
We need to standardize a bunch of security guidelines.
This would enbale more secure automation workflows, in abest case even automated security checks
How would you imagine the implementation of the feature?
This should be done by researching a bunch of important topics
[ ] Research on security features
[ ] Configure each repository permissions to clearly define who is allowed to do what
[ ] Under which circumstances automated workflows are allowed to run
[ ] Define who is responsible for what in the code - Code Owners file as an option
[ ] Branch protection rules
[ ] Apply principle of least privilege to tokens and similar things
Are there any labels you wish to add?
[X] I have added the relevant labels to the feature request.
Is there an existing issue for this?
Please describe the feature you have in mind and explain what the current shortcomings are?
We need to standardize a bunch of security guidelines. This would enbale more secure automation workflows, in abest case even automated security checks
How would you imagine the implementation of the feature?
This should be done by researching a bunch of important topics
Are there any labels you wish to add?
Describe alternatives you've considered:
Beeing risky and not caring
Additional context:
No response