I’ve enabled GitHub’s immutable releases feature on our repositories. This is a supply chain security hardening measure that prevents release artifacts from being modified or replaced after they’re published — ensuring that what gets tagged and released is exactly what consumers download.
This protects against scenarios where a release could be silently tampered with after the fact (whether by a compromised account, a mistake, or a malicious actor). Going forward, all new releases will be locked once published.
More details: Preventing changes to your releases - GitHub Docs