hboutemy opened a new pull request, #6: URL: https://github.com/apache/tooling-actions/pull/6
protect GH `main` branch against forced push and delete for GHA, every commit is de-facto a distribution, then this type of protection is even more useful than on any other Git repo @ppkarwasz I suppose that such a Git repo for GH Actions would deserve SLSA Source controls: I did not really study https://slsa.dev/spec/v1.2/source-requirements but the basic protection I'm configuring in this PR is really the most basic first step to me, with proper Git tag protection (I don't know how to implement, just talking from a pure logic perspective), such GHA could promote using Git tags again, which would be a great benefit for users to navigate from release to release, instead of using just Git commits chosen arbitrarily just proposing a first step -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
