Code of Conduct
What article on docs.github.com is affected?
https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions
What part(s) of the article would you like to see updated?
OSSF Scorecards can find issues related to token permissions and actions that are not pinned. Adding a reference to Scorecards in the token permissions and (optionally) pin actions sections of the hardening guide will help readers to take action to address these issues.
https://github.blog/2022-01-19-reducing-security-risk-oss-actions-opensff-scorecards-v4/
Additional information
No response
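
The two kinds of findings the request mentions (unpinned actions and token permissions) can be illustrated with a simplified check. This is an added example, not code from the issue, the hardening guide or Scorecards; the sample workflow, the function names and the line-based matching are assumptions made for illustration, and only the top-level `permissions:` key is considered.

```python
import re

# Constructed sample workflow (not taken from the issue or from GitHub's docs).
SAMPLE_WORKFLOW = """\
name: ci
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@0123456789abcdef0123456789abcdef01234567
      - uses: ./.github/actions/local-build
      - run: npm test
"""

USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*['\"]?([^'\"\s#]+)")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")
TOP_LEVEL_PERMS_RE = re.compile(r"^permissions\s*:", re.MULTILINE)


def unpinned_actions(workflow_text):
    """Return (line_number, reference) for each `uses:` not pinned to a full commit SHA."""
    findings = []
    for lineno, line in enumerate(workflow_text.splitlines(), start=1):
        m = USES_RE.match(line)
        if not m:
            continue
        ref = m.group(1)
        if ref.startswith("./"):  # local action in the same repository: nothing to pin
            continue
        if ref.startswith("docker://"):
            pinned = "@sha256:" in ref  # container images are pinned by digest
        else:
            _, _, version = ref.partition("@")
            pinned = bool(FULL_SHA_RE.match(version))  # tags and branches can move
        if not pinned:
            findings.append((lineno, ref))
    return findings


def lacks_top_level_permissions(workflow_text):
    """True when the workflow has no top-level `permissions:` key."""
    return TOP_LEVEL_PERMS_RE.search(workflow_text) is None


if __name__ == "__main__":
    for lineno, ref in unpinned_actions(SAMPLE_WORKFLOW):
        print(f"line {lineno}: {ref} is not pinned to a full commit SHA")
    if lacks_top_level_permissions(SAMPLE_WORKFLOW):
        print("no top-level permissions block: GITHUB_TOKEN gets the default scopes")
```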