security: pin version of py-actions/py-dependency-install

Remeidates: https://docs.zizmor.sh/audits/#impostor-commit Version: https://github.com/py-actions/py-dependency-install/releases/tag/v4.0.0
2025-06-08 08:19:08 -07:00 · 2025-06-08 08:19:08 -07:00 · f6a7af63b9
parent 2dadd31ebd
commit f6a7af63b9
1 changed files with 2 additions and 1 deletions
--- a/.github/workflows/checks.yml
+++ b/.github/workflows/checks.yml
@ -6,6 +6,7 @@ permissions:

 jobs:
  Run-Markdown-Checks:
+    name: Run Markdown Checks
    runs-on: ubuntu-24.04
    steps:
      - name: checkout
@ -13,7 +14,7 @@ jobs:
        with:
          persist-credentials: false
      - name: Install Python dependencies
-        uses: py-actions/py-dependency-install@v4
+        uses: py-actions/py-dependency-install@9c419aa98bfb42280bdae2b0a736befd9b01e3b1 # v4
        with:
          path: "tools/requirements.txt"
          update-pip: "false"