Pin dependencies #486

	name: OSV-Scanner PR Scan

	# Change "main" to your default branch if you use a different name, i.e. "master"
	on:
	pull_request:
	branches: [master]
	merge_group:
	branches: [master]

	permissions:
	# Require writing security events to upload SARIF file to security tab
	security-events: write
	# Only need to read contents
	contents: read
	actions: read

	jobs:
	scan-pr:
	uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@f0e6719deb666cd19a0b56bc56d01161bd848b4f" # v1.8.5

Provide feedback