[StepSecurity] Apply security best practices (#4539)

Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2026-06-01 18:49:43 +00:00 · 2024-12-15 09:31:21 -08:00
parent 6a2ae22a5a
commit 4003f8da02
13 changed files with 374 additions and 57 deletions
@@ -23,7 +23,12 @@ jobs:
    if: github.repository == 'nlohmann/json'
    runs-on: ubuntu-22.04
    steps:
-      - uses: actions/checkout@v4
+      - name: Harden Runner
+        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        with:
+          egress-policy: audit
+
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

      - name: Install virtual environment
        run: make install_venv -C docs/mkdocs
@@ -32,7 +37,7 @@ jobs:
        run: make build -C docs/mkdocs

      - name: Deploy documentation
-        uses: peaceiris/actions-gh-pages@v4
+        uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4.0.0
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
          publish_dir: ./docs/mkdocs/site