Could you consider enabling immutable releases for this project? This would help protect the project's software supply chain. Once enabled:
- Git tags are locked and cannot be moved or changed.
- Release assets cannot be modified after publishing.

This protects against supply chain attacks where an attacker injects malware into an existing release or modifies assets after the fact. For more details, see the GitHub documentation: Immutable releases.

Note: Immutability only applies to future releases. After enabling this feature, all existing releases will need to be re-saved individually to make them immutable as well.