diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index cd730a8f881..5202cf2a8e5 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -30,7 +30,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@v2 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit diff --git a/.github/workflows/darker.yaml b/.github/workflows/darker.yaml index cb614a91937..f47f8a0c6fc 100644 --- a/.github/workflows/darker.yaml +++ b/.github/workflows/darker.yaml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@v2 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit diff --git a/.github/workflows/docs.yaml b/.github/workflows/docs.yaml index 509b8bb118d..0ea12ac911a 100644 --- a/.github/workflows/docs.yaml +++ b/.github/workflows/docs.yaml @@ -49,7 +49,7 @@ jobs: SPHINX_OPTS: "-v -j 2" steps: - name: Harden Runner - uses: step-security/harden-runner@v2 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index d8a6af3dfd1..dcdbd5cedf3 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -16,7 +16,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@v2 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit diff --git a/.github/workflows/pytest.yaml b/.github/workflows/pytest.yaml index 3f85f2f26cc..e6c285f312e 100644 --- a/.github/workflows/pytest.yaml +++ b/.github/workflows/pytest.yaml @@ -50,7 +50,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@v2 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit diff --git a/.github/workflows/upload_to_pypi.yaml b/.github/workflows/upload_to_pypi.yaml index 40bd2ca437e..c2d2f3b7e2a 100644 --- a/.github/workflows/upload_to_pypi.yaml +++ b/.github/workflows/upload_to_pypi.yaml @@ -17,7 +17,7 @@ jobs: id-token: write steps: - name: Harden Runner - uses: step-security/harden-runner@v2 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit