
Security best practices for authors of GitHub Actions
Improve your GitHub Action’s security posture by securing your source repository, protecting your maintainers, and making it easy to report security incidents.
Earlier today we permanently removed support for the following weak cryptographic standards on github.com and api.github.com: TLSv1/TLSv1.1: This applies to all HTTPS connections, including web, API, and Git connections to…
Earlier today we permanently removed support for the following weak cryptographic standards on github.com and api.github.com:
TLSv1
/TLSv1.1
: This applies to all HTTPS connections, including web, API, and Git connections to https://github.com and https://api.github.com.diffie-hellman-group1-sha1
: This applies to all SSH connections to github.comdiffie-hellman-group14-sha1
: This applies to all SSH connections to github.comThis change was originally announced last year, with the final timeline for the removal posted three weeks ago. If you run into any issues or have any questions, please don’t hesitate to let us know.