From fbd55967e54701b3948b6b6b15962b2cc09294e8 Mon Sep 17 00:00:00 2001
From: Emmanuel Engelhart
Date: Mon, 29 Jul 2024 09:39:37 +0200
Subject: [PATCH] Add howto comment to pin depedencies
---
 .github/workflows/package.yml | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml
index 45cef504..83cc9a38 100644
--- a/.github/workflows/package.yml
+++ b/.github/workflows/package.yml
@@ -22,6 +22,8 @@ jobs:
 - ubuntu-noble
 - ubuntu-jammy
 - ubuntu-focal
+
+ # Pin your dependencies with https://github.com/mheap/pin-github-action
 steps:
 - name: Harden Runner
 uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # pin@v2
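Review bot: The added comment above `steps:` names the tool but not the reason for pinning or when to re-run it, so a contributor adding a new `uses:` line may still reference a mutable tag. Consider wording it as `# Actions are pinned to full commit SHAs because tags can be moved; after adding or bumping an action, re-pin with https://github.com/mheap/pin-github-action`. The trailing `# pin@v2` on the harden-runner line appears to be the marker recording which tag the SHA tracks, so it would help to say that it must be kept. The job's steps continue outside the hunk, so whether every other `uses:` entry is already pinned cannot be checked from here.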