From 3fa178968643f1b4854c1bbda38ce113ce42c23e Mon Sep 17 00:00:00 2001
From: Jesse Seales <jseales@google.com>
Date: Wed, 14 Feb 2024 11:26:02 -0500
Subject: [PATCH] pin osv-scanner

---
 .github/workflows/third_party_scan.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/third_party_scan.yml b/.github/workflows/third_party_scan.yml
index 8545fd00dfdcb..3ebb193eb8bbc 100644
--- a/.github/workflows/third_party_scan.yml
+++ b/.github/workflows/third_party_scan.yml
@@ -41,7 +41,7 @@ jobs:
     name: Vulnerability scanning
     needs:
       extract-deps
-    uses: "google/osv-scanner/.github/workflows/osv-scanner-reusable.yml@main"
+    uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@v1.6.2-beta1"
     with:
       # Download the artifact uploaded in extract-deps step
       download-artifact: osv-lockfile-${{github.sha}}