Issue Description
The repository needs PowerShell scripts for security scanning, including SHA pinning validation, staleness checking, and automated updates for GitHub Actions.
Additional Context
Files to add:
scripts/security/Test-DependencyPinning.ps1 - Validate dependencies are pinned to SHAsscripts/security/Test-SHAStaleness.ps1 - Check for stale SHA referencesscripts/security/Update-ActionSHAPinning.ps1 - Update action references to latest SHAs
Priority: Wave 2 (Priority 2) - Depends on Wave 1 completion
Dependencies: Requires scripts/README.md from repository foundation issue
Testing: Execute each script, verify JSON output format, test with sample workflow files
Issue Description
The repository needs PowerShell scripts for security scanning, including SHA pinning validation, staleness checking, and automated updates for GitHub Actions.
Additional Context
Files to add:
scripts/security/Test-DependencyPinning.ps1- Validate dependencies are pinned to SHAsscripts/security/Test-SHAStaleness.ps1- Check for stale SHA referencesscripts/security/Update-ActionSHAPinning.ps1- Update action references to latest SHAsPriority: Wave 2 (Priority 2) - Depends on Wave 1 completion
Dependencies: Requires scripts/README.md from repository foundation issue
Testing: Execute each script, verify JSON output format, test with sample workflow files