diff --git a/.github/workflows/EVENT_pull_request.yml b/.github/workflows/EVENT_pull_request.yml
index 7c9f50e40..b7ea05bed 100644
--- a/.github/workflows/EVENT_pull_request.yml
+++ b/.github/workflows/EVENT_pull_request.yml
@@ -14,7 +14,6 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
-
   get_changed_files:
     name: Get changed files
     uses: ./.github/workflows/JOB_get_changed_files.yml
@@ -24,6 +23,7 @@ jobs:
   format:
     name: Check format of python
     needs: get_changed_files
+    if: needs.get_changed_files.outputs.python_changed_files != ''
     uses: ./.github/workflows/JOB_format.yml
     with:
       files: ${{ needs.get_changed_files.outputs.python_changed_files }}
@@ -33,23 +33,17 @@ jobs:
   lint:
     name: Lint python
     needs: get_changed_files
+    if: needs.get_changed_files.outputs.python_changed_files != ''
     uses: ./.github/workflows/JOB_lint.yml
     with:
       files: ${{ needs.get_changed_files.outputs.python_changed_files }}
     permissions:
       contents: read
 
-  # typecheck:
-  #   name: Analyse types in python
-  #   needs: get_changed_files
-  #   uses: ./.github/workflows/JOB_typecheck.yml
-  #   with:
-  #     files: ${{ needs.get_changed_files.outputs.python_changed_files }}
-  #   permissions:
-  #     contents: read
-
   run_tests:
     name: Run tests
+    needs: get_changed_files
+    if: needs.get_changed_files.outputs.python_changed_files != ''
     uses: ./.github/workflows/JOB_tests.yml
     permissions:
       contents: read
diff --git a/.github/workflows/version_bump.yml b/.github/workflows/version_bump.yml
index 1a720002b..26fb890ff 100644
--- a/.github/workflows/version_bump.yml
+++ b/.github/workflows/version_bump.yml
@@ -27,7 +27,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@v2.10.4
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e
         with:
           egress-policy: audit