From 81ad58276fdb0dc60dae0b0f238063535456b76e Mon Sep 17 00:00:00 2001
From: Justin Kim <jkim@makenotion.com>
Date: Fri, 26 Sep 2025 16:19:21 -0700
Subject: [PATCH] Pin github workflows to a commit hash instead of version tag
 for security purpose

---
 .github/workflows/ci.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 59bffa4..f1a46cb 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -14,10 +14,10 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/setup-node@v3
+      - uses: actions/setup-node@3235b876344d2a9aa001b8d1453c930bba69e610 # v3
         with:
           node-version: ${{ env.NODE_VERSION }}
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
       - run: |
           npm install
           npm run typecheck