Behnaz Hassanshahi

Prepare the repo to meet SLSA security levels

4

[SLSA](https://slsa.dev/) is a promising work that aims at improving the security posture of open source software and protecting against supply chain attacks. I believe this template provides a good opportunity...

Fix code scanning alert - Pinned-Dependencies

1

Tracking issue for: - [ ] https://github.com/jenstroeger/python-package-template/security/code-scanning/38

Tracking issue for: - [ ] https://github.com/jenstroeger/python-package-template/security/code-scanning/33

Tracking issue for: - [ ] https://github.com/jenstroeger/python-package-template/security/code-scanning/31

Prepare the repo for the OpenSSF Best Practices badge

2

It would be nice to get the [OpenSSF Best Practices badge](https://bestpractices.coreinfrastructure.org/en). We need to tick the boxes listed on this [page](https://bestpractices.coreinfrastructure.org/en/criteria/0).

Revisit CI testing strategies

1

We need to revisit how to trigger the CI checks based on the events (`pull_request` vs. `push`), branches (`main`, `staging`, and the rest), and matrices (e.g., OS and Python versions)....