docs: improve best practices #1

	name: FOSSA

	on:
	push:
	branches: [ "*" ]
	pull_request:
	branches: [ "*" ]

	permissions: {}

	jobs:
	analyze:
	runs-on: ubuntu-latest
	steps:
	- name: "Checkout Code"
	uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
	with:
	persist-credentials: false
	- name: "Run FOSSA Scan"
	uses: fossas/fossa-action@47ef11b1e1e3812e88dae436ccbd2d0cbd1adab0 # v1.3.3
	with:
	api-key: ${{ secrets.FOSSA_API_KEY }}
	- name: "Run FOSSA Test"
	uses: fossas/fossa-action@47ef11b1e1e3812e88dae436ccbd2d0cbd1adab0 # v1.3.3
	with:
	api-key: ${{ secrets.FOSSA_API_KEY }}
	run-tests: true

Provide feedback