[StepSecurity] Apply security best practices

[stepsecurity-app]

Summary

This pull request has been generated by StepSecurity as part of your enterprise subscription to ensure compliance with recommended security best practices. Please review and merge the pull request to apply these security enhancements.

Security Fixes

Pinned Dependencies

Pinning GitHub Actions to specific versions or commit SHAs ensures that your workflows remain consistent and secure.
Unpinned actions can lead to unexpected changes or vulnerabilities caused by upstream updates.

• GitHub Security Guide
• The Open Source Security Foundation (OpenSSF) Security Guide

StepSecurity Maintained Actions

Risky GitHub Actions can expose your project to potential security risks. Risky actions have been replaced with StepSecurity maintained actions, that are secure drop-in replacements.

• StepSecurity Maintained Actions

Feedback

For bug reports, feature requests, and general feedback; please create an issue in step-security/secure-repo or contact us via our website.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 83.53%. Comparing base (cb8e8dc) to head (bc8a52e).
⚠️ Report is 6 commits behind head on dev.

Additional details and impacted files

@@           Coverage Diff           @@
##              dev     #904   +/-   ##
=======================================
  Coverage   83.53%   83.53%           
=======================================
  Files          99       99           
  Lines       14392    14392           
=======================================
  Hits        12022    12022           
  Misses       2370     2370           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.