Skip to content

chore: [StepSecurity] Apply security best practices #1129

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Oct 22, 2025
Merged

chore: [StepSecurity] Apply security best practices #1129

merged 2 commits into from
Oct 22, 2025
+5 −5

Conversation

@stepsecurity-app
Copy link
Contributor

Summary

This pull request has been generated by StepSecurity as part of your enterprise subscription to ensure compliance with recommended security best practices. Please review and merge the pull request to apply these security enhancements.

Security Fixes

Pinned Dependencies

Pinning GitHub Actions to specific versions or commit SHAs ensures that your workflows remain consistent and secure.
Unpinned actions can lead to unexpected changes or vulnerabilities caused by upstream updates.

StepSecurity Maintained Actions

Risky GitHub Actions can expose your project to potential security risks. Risky actions have been replaced with StepSecurity maintained actions, that are secure drop-in replacements.

Feedback

For bug reports, feature requests, and general feedback; please create an issue in step-security/secure-repo or contact us via our website.

@stepsecurity-app
[StepSecurity] Apply security best practices
2d8a4cd 
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
@stepsecurity-app stepsecurity-app bot requested a review from a team as a code owner October 2, 2025 15:20
@stepsecurity-app stepsecurity-app bot requested a review from leninmehedy October 2, 2025 15:20
PavelSBorisov
PavelSBorisov previously approved these changes Oct 22, 2025
View reviewed changes
@PavelSBorisov
Merge branch 'main' into chore/GHA-021520-stepsecurity-remediation
d16b198 
Signed-off-by: Pavel Borisov <37436896+PavelSBorisov@users.noreply.github.com>
@gsstoykov gsstoykov merged commit e1aefa9 into main Oct 22, 2025
11 of 12 checks passed
@gsstoykov gsstoykov deleted the chore/GHA-021520-stepsecurity-remediation branch October 22, 2025 11:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@PavelSBorisov PavelSBorisov PavelSBorisov approved these changes

@leninmehedy leninmehedy Awaiting requested review from leninmehedy leninmehedy is a code owner automatically assigned from hiero-ledger/github-maintainers

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@PavelSBorisov @gsstoykov