|
|
|
|
|
|
by zanie
69 days ago
|
|
|
We do address this in the article! It's defense in depth, not theater. We audit all of our actions, check if they pull in mutable dependencies, contribute upstream fixes, and migrate off using any action when we can. (I work at Astral) |
|
|
If not you cant be sure of anything. Its just a security theater.