From 6ccd3c8a380f88c158d5e9e7349c4e1ae5984a0f Mon Sep 17 00:00:00 2001
From: "stepsecurity-int[bot]"
 <185740846+stepsecurity-int[bot]@users.noreply.github.com>
Date: Thu, 5 Jun 2025 15:27:21 +0000
Subject: [PATCH] Apply security best practicesSigned-off-by: StepSecurity Bot
 <bot@stepsecurity.io>

---
 .github/workflows/ci.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index e731ce8..a94e5b2 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -330,6 +330,11 @@ jobs:
           - macos-13
           - windows-latest
     steps:
+      - name: Harden the runner (Audit all outbound calls)
+        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        with:
+          egress-policy: audit
+
       -
         name: Checkout
         uses: actions/checkout@v4