RE: https://code4lib.social/@acdha/116558806694701121
Do not use pull_request_target.
Do not use caches in publish workflows.
Use dependency cooldowns.
Use Zizmor.
Tell GitHub to make Actions secure by default.
#GitHub #GitHubActions