best practices: ossf scorecard: Fix pinning per Pedro suggestion with…

… --require-hashes Related: ossf/scorecard#4189 (comment) Signed-off-by: John Andersen <[email protected]>
johnandersen777 · Jun 24, 2024 · 804c44b · 804c44b
1 parent bef0c18
commit 804c44b
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/scripts/ossf_scorecard_pindeps.py b/scripts/ossf_scorecard_pindeps.py
@@ -336,7 +336,7 @@ def main():
                         )
                         + line_end
                     )
-                    line = line_start + "python -m pip install -r requirements-lock.txt" + line_end
+                    line = line_start + "python -m pip install --require-hashes -r requirements-lock.txt" + line_end
 
                 new_lines.append(line)
             path.write_text("\n".join(new_lines))