The following actions uses node12 which is deprecated and will be forced to run on node16: actions/checkout@v2. For more info: https://github.blog/changelog/2023-06-13-github-actions-all-actions-will-run-on-node16-instead-of-node12-by-default/

The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@v2. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/

Query to find passwords and secrets in infrastructure code.

Query to find passwords and secrets in infrastructure code.

Using HTTP URLs (without encryption) could lead to security vulnerabilities and risks

Using HTTP URLs (without encryption) could lead to security vulnerabilities and risks

Using HTTP URLs (without encryption) could lead to security vulnerabilities and risks

Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload. When selecting a SHA, you should verify it is from the action's repository and not a repository fork.

Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload. When selecting a SHA, you should verify it is from the action's repository and not a repository fork.

Setting state to latest performs an update and installs additional packages possibly resulting in performance degradation or loss of service

Setting state to latest performs an update and installs additional packages possibly resulting in performance degradation or loss of service