Hi,
mne-python/.github/workflows/codeql-analysis.yml at main · mne-tools/mne-python · GitHub we are using mutable tags in our workflow, so i think we should update with full commit SHA, as this reduces a risk of supply chain attacks. please let me know your thoughts on this, if we should update, I’ll create PR for this.
I was not sure if i should open this issue with enhancement tag or security, so decided to discuss here.
Best,
Aniket