Beginning CI/CD: A Practical Introduction using GitHub Actions

Chapter 6: Dependency Management and Security in CI/CD

[Content moved from the draft: Dependabot setup and strategies; SBOM/SCA; reproducible builds; trusted components; CI/CD pipeline security including auth, secrets (incl. OIDC), network and runner hardening; anti-malware scanning; preventing malicious script execution; general security principles.]