From d87e2205d69f8b00c2edfab679431d051bbb256a Mon Sep 17 00:00:00 2001
From: StepSecurity Bot <bot@stepsecurity.io>
Date: Sat, 23 Mar 2024 18:01:31 +0000
Subject: [PATCH] [StepSecurity] ci: Harden GitHub Actions

Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
---
 .github/workflows/govulncheck.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/govulncheck.yml b/.github/workflows/govulncheck.yml
index 5498b4af..4c00f4fd 100644
--- a/.github/workflows/govulncheck.yml
+++ b/.github/workflows/govulncheck.yml
@@ -18,4 +18,4 @@ jobs:
       with:
         egress-policy: audit
     - name: Run govulncheck
-      uses: golang/govulncheck-action@v1
\ No newline at end of file
+      uses: golang/govulncheck-action@3a32958c2706f7048305d5a2e53633d7e37e97d0 # v1.0.2
\ No newline at end of file