From 266e1fcb8c411df7629628caa425a8d0c5411fc3 Mon Sep 17 00:00:00 2001
From: Greg Sjaardema <gdsjaar@sandia.gov>
Date: Tue, 15 Oct 2024 14:08:14 -0600
Subject: [PATCH] CI: Add harden runner to clang-format

---
 .github/workflows/clang-format.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/.github/workflows/clang-format.yml b/.github/workflows/clang-format.yml
index b7ca3cd126..64457d9e88 100644
--- a/.github/workflows/clang-format.yml
+++ b/.github/workflows/clang-format.yml
@@ -29,6 +29,11 @@ jobs:
     permissions:
         contents: write # In order to allow EndBug/add-and-commit to commit changes
     steps:
+    - name: Harden Runner
+      uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+      with:
+        egress-policy: audit
+
     - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
 
     - name: Fix C++ and C formatting issues detected by clang-format