[StepSecurity] Apply security best practices (#175)

Signed-off-by: StepSecurity Bot <[email protected]>
Co-authored-by: stepsecurity-app[bot] <188008098+stepsecurity-app[bot]@users.noreply.github.com>

Author: stepsecurity-app[bot]

.github/workflows/docker.yml

@@ -9,6 +9,9 @@ on:
 env:
   REGISTRY_IMAGE: ghcr.io/base/node-reth-dev
 
+permissions:
+  contents: read
+
 jobs:
   build-and-push:
     strategy:
@@ -73,7 +76,7 @@ jobs:
           touch "${{ runner.temp }}/digests/${digest#sha256:}"
 
       - name: Upload digest
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
         with:
           name: digests-${{ env.PLATFORM_PAIR }}
           path: ${{ runner.temp }}/digests/*