You can now fine-tune access to external actions. These updated settings make it easier to achieve your security and compliance goals with GitHub Actions.
- You can limit external actions to just those created by GitHub, those in the Marketplace that were created by verified authors, or a combination
- You can optionally list specific external actions. Wildcards, tags, and SHAs enable flexibility and specificity