From fb6737d8a6b2884aaa434d3f8a4254982dd617c7 Mon Sep 17 00:00:00 2001
From: "stepsecurity-int[bot]"
 <185740846+stepsecurity-int[bot]@users.noreply.github.com>
Date: Thu, 17 Apr 2025 18:16:00 +0000
Subject: [PATCH] Apply security best practicesSigned-off-by: StepSecurity Bot
 <bot@stepsecurity.io>

---
 .github/workflows/code-review.yml | 2 +-
 .github/workflows/kbanalysis.yml  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/code-review.yml b/.github/workflows/code-review.yml
index cc70c82ed..8bc7247a5 100644
--- a/.github/workflows/code-review.yml
+++ b/.github/workflows/code-review.yml
@@ -20,4 +20,4 @@ jobs:
             int.api.stepsecurity.io:443
 
       - name: Code Review
-        uses: step-security/ai-codewise@int
+        uses: step-security/ai-codewise@ab9fe138367d6094b2df7f8469ddc2c5a79c9cf4 # int
diff --git a/.github/workflows/kbanalysis.yml b/.github/workflows/kbanalysis.yml
index 7fcbd6221..6c8c4cb57 100644
--- a/.github/workflows/kbanalysis.yml
+++ b/.github/workflows/kbanalysis.yml
@@ -31,7 +31,7 @@ jobs:
           repository: step-security/secure-repo
 
       - name: KBAnalysis
-        uses: step-security/secure-workflows/kbanalysis@main
+        uses: step-security/secure-workflows/kbanalysis@6fb13bcb0bd33717b5047dc195ca08f4af65d20e # main
         with:
           github-token: ${{secrets.PAT}}
           owner: ${{inputs.owner}}