Update to 4 in STEP and README.md

.github/steps/-step.txt

@@ -1 +1 @@
-3
+4

README.md

@@ -14,45 +14,31 @@ _Create workflows that enable you to use Continuous Integration (CI) for your pr
 </header>
 
 <!--
-  <<< Author notes: Step 3 >>>
+  <<< Author notes: Step 4 >>>
   Start this step by acknowledging the previous step.
   Define terms and link to docs.github.com.
 -->
 
-## Step 3: Upload test reports
+## Step 4: Add branch protections
 
-_The workflow has finished running! :sparkles:_
+_Great job uploading test reports! :partying_face:_
 
-So what do we do when we need the work product of one job in another? We can use the built-in [artifact storage](https://docs.github.com/en/actions/advanced-guides/storing-workflow-data-as-artifacts) to save artifacts created from one job to be used in another job within the same workflow.
+Take a look at the merge box, you'll notice you can merge this even though the review process hasn't been met.
 
-To upload artifacts to the artifact storage, we can use an action built by GitHub: [`actions/upload-artifacts`](https://github.com/actions/upload-artifact).
+Protected branches ensure that collaborators on your repository cannot make irrevocable changes to branches. Enabling protected branches also allows you to enable other optional checks and requirements, like required status checks and required reviews.
 
-### :keyboard: Activity: Upload test reports
+### :keyboard: Activity: Add branch protections
 
-1. Edit your workflow file.
-1. Add a step to your `build` job that uses the `upload-artifacts` action.
+1. Go to **Branches** settings. You can navigate to that page manually by clicking on the right-most tab in the top of the repository called **Settings** and then clicking on **Branches**.
+1. Click on **Add rule** under "Branch protection rules".
+1. Type `main` in **Branch name pattern**.
+1. Check **Require a pull request before merging**.
+1. Check **Require status checks to pass before merging**.
+1. Check all build and test jobs that you'd like to see in the newly visible gray box.
+1. Click **Create**.
+1. _Once you turn on branch protection, Actions can no longer push directly to `main`. You'll need to open the next step on your own._
 
-   ```yaml
-   build:
-     runs-on: ubuntu-latest
-     steps:
-       - uses: actions/checkout@v3
-
-       - name: Run markdown lint
-         run: |
-           npm install remark-cli remark-preset-lint-consistent
-           npx remark . --use remark-preset-lint-consistent --frail
-
-       - uses: actions/upload-artifact@v3
-         with:
-           name: remark-lint-report
-           path: public/
-   ```
-
-1. Commit your change to this branch.
-1. Wait about 20 seconds then refresh this page (the one you're following instructions from). [GitHub Actions](https://docs.github.com/en/actions) will automatically update to the next step.
-
-Similar to the upload action to send artifacts to the storage, you can use another action built by GitHub to download these previously uploaded artifacts from the `build` job: [`actions/download-artifact`](https://github.com/actions/download-artifact). To save you time, we'll skip that step for this course.
+<!-- Wait about 20 seconds then refresh this page (the one you're following instructions from). [GitHub Actions](https://docs.github.com/en/actions) will automatically update to the next step. -->
 
 <footer>