From ee7f40198e835b05dd29b03d4541c1c71508dbc1 Mon Sep 17 00:00:00 2001
From: "eclipse-otterdog[bot]"
 <158182605+eclipse-otterdog[bot]@users.noreply.github.com>
Date: Thu, 4 Jun 2026 10:15:09 +0000
Subject: [PATCH 1/2] Pinning workflow .github/workflows/lint.yml

---
 .github/workflows/lint.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index 38b4df1..8c86841 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -21,11 +21,11 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
 
 
       - name: Set up Python
-        uses: actions/setup-python@v3
+        uses: actions/setup-python@3542bca2639a428e1796aaa6a2ffef0c0f575566 # v3.1.4
         with:
           python-version: '3.x'
 

From 686ea6c38f8dff9effe18860cc633c560fb6dc18 Mon Sep 17 00:00:00 2001
From: "eclipse-otterdog[bot]"
 <158182605+eclipse-otterdog[bot]@users.noreply.github.com>
Date: Thu, 4 Jun 2026 10:15:10 +0000
Subject: [PATCH 2/2] Pinning workflow .github/workflows/python-publish.yml

---
 .github/workflows/python-publish.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/python-publish.yml b/.github/workflows/python-publish.yml
index e03e406..6b9b314 100644
--- a/.github/workflows/python-publish.yml
+++ b/.github/workflows/python-publish.yml
@@ -23,10 +23,10 @@ jobs:
 
     steps:
     - name: Checkout code
-      uses: actions/checkout@v3
+      uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
 
     - name: Set up Apache Maven Central
-      uses: actions/setup-java@v3
+      uses: actions/setup-java@17f84c3641ba7b8f6deff6309fc4c864478f5d62 # v3.14.1
       with: # configure settings.xml
         distribution: 'temurin'
         java-version: '11'
@@ -35,7 +35,7 @@ jobs:
         server-password: OSSRH_PASSWORD
 
     - name: Set up Python
-      uses: actions/setup-python@v3
+      uses: actions/setup-python@3542bca2639a428e1796aaa6a2ffef0c0f575566 # v3.1.4
       with:
         python-version: '3.x'
 
@@ -59,7 +59,7 @@ jobs:
       run: poetry build
 
     - name: Publish package
-      uses: pypa/gh-action-pypi-publish@27b31702a0e7fc50959f5ad993c78deac1bdfc29
+      uses: pypa/gh-action-pypi-publish@27b31702a0e7fc50959f5ad993c78deac1bdfc29 # v1.4.2
       with:
         user: __token__
         password: ${{ secrets.PYPI_TOKEN }}