From db6e541bd55033bccef6ad070cb02d3a89d7c4e7 Mon Sep 17 00:00:00 2001
From: "stepsecurity-int[bot]"
 <185740846+stepsecurity-int[bot]@users.noreply.github.com>
Date: Thu, 17 Apr 2025 20:16:20 +0000
Subject: [PATCH] Apply security best practicesSigned-off-by: StepSecurity Bot
 <bot@stepsecurity.io>

---
 .github/workflows/scorecard.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index adb264e..36b8578 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -32,7 +32,7 @@ jobs:
 
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@v2
+        uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1
         with:
           egress-policy: audit