From 68d0f01570d84e1a2febd6e0b3fd8383f58c3989 Mon Sep 17 00:00:00 2001
From: Typpi <20943337+Nick2bad4u@users.noreply.github.com>
Date: Sun, 2 Jun 2024 11:25:25 -0400
Subject: [PATCH] Update python-app.yml

---
 .github/workflows/python-app.yml | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/python-app.yml b/.github/workflows/python-app.yml
index e4c26c9..dfbde74 100644
--- a/.github/workflows/python-app.yml
+++ b/.github/workflows/python-app.yml
@@ -21,7 +21,14 @@ jobs:
     - name: Harden Runner
       uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
       with:
-        egress-policy: audit
+        disable-sudo: true
+        egress-policy: block
+        allowed-endpoints: >
+          api.github.com:443
+          files.pythonhosted.org:443
+          github.com:443
+          objects.githubusercontent.com:443
+          pypi.org:443
 
     - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
     - name: Set up Python 3.11.8