From e15cd01149afe4924460f81cb6e27dd96de06657 Mon Sep 17 00:00:00 2001
From: StepSecurity Bot <bot@stepsecurity.io>
Date: Fri, 25 Nov 2022 10:26:10 +0000
Subject: [StepSecurity] ci: Harden GitHub Actions

Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
---
 .github/workflows/bundled_gems.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to '.github/workflows/bundled_gems.yml')

diff --git a/.github/workflows/bundled_gems.yml b/.github/workflows/bundled_gems.yml
index 471f32b25f..f9a7a822cd 100644
--- a/.github/workflows/bundled_gems.yml
+++ b/.github/workflows/bundled_gems.yml
@@ -29,9 +29,9 @@ jobs:
           echo "GNUMAKEFLAGS=-j$((1 + $(nproc --all)))" >> $GITHUB_ENV
           echo "TODAY=$(date +%F)" >> $GITHUB_ENV
 
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
 
-      - uses: actions/cache@v3
+      - uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # v3.0.11
         with:
           path: .downloaded-cache
           key: downloaded-cache-${{ github.sha }}
-- 
cgit v1.2.3