Presto should strive for an OpenSSF scorecard value of >= 7.0

## Expected Behavior or Use Case
See the scorecard value: https://securityscorecards.dev/viewer/?uri=github.com%2Fprestodb%2Fpresto

Many of these are easy to fix, for example, improvements to our usage of tokens and pinning workflows.  [OpenSSF recommends a score of 7 or higher for all dependencies](https://best.openssf.org/SCM-BestPractices/github/repository/scorecard_score_too_low.html).

## Presto Component, Service, or Connector
CI

## Possible Implementation
We should systematically look through each negative score in the scorecard and work to improve it.

## Example Screenshots (if appropriate):
The OpenSSF scorecard is a concise and easy to understand the security robustness of a project.  It should have a high score so folks have confidence on depending on Presto.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Presto should strive for an OpenSSF scorecard value of >= 7.0 #26263

Expected Behavior or Use Case

Presto Component, Service, or Connector

Possible Implementation

Example Screenshots (if appropriate):

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Presto should strive for an OpenSSF scorecard value of >= 7.0 #26263

Description

Expected Behavior or Use Case

Presto Component, Service, or Connector

Possible Implementation

Example Screenshots (if appropriate):

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions