[StepSecurity] Apply security best practices

Signed-off-by: StepSecurity Bot <[email protected]>
northwood-labs · Nov 23, 2024 · 8dc3843 · 8dc3843
1 parent 1190556
commit 8dc3843
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/.github/workflows/dependabot-auto-merge.yml b/.github/workflows/dependabot-auto-merge.yml
@@ -15,7 +15,7 @@ jobs:
     steps:
       - name: Dependabot metadata
         id: metadata
-        uses: dependabot/[email protected]
+        uses: dependabot/fetch-metadata@dbb049abf0d677abbd7f7eee0375145b417fdd34 # v2.2.0
         with:
           github-token: "${{ secrets.GITHUB_TOKEN }}"