Content Deep Dive
Fine-tune access to external actions
Blog post from GitHub
Post Details
Company:
Date Published:
Author: Jennifer Schelkopf
Word Count: 279
Language: English
Hacker News Points: -
Summary
GitHub has updated its settings to enhance security and compliance for GitHub Actions by introducing fine-tuned access controls. Users can now limit workflows to actions authored by GitHub or by GitHub-verified authors. Verification ensures that the organization behind the action is authentic, but GitHub does not review the code or security practices of these actions. The platform also allows users to create an explicit allow list, so that workflows can use only those actions that have been reviewed; entries in the list can be flexible patterns using the * syntax. This feature is available for public repositories and for private repositories under a GitHub Enterprise plan, and further guidance can be found in GitHub's documentation.