diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml index b37ddc2..25e3791 100644 --- a/.github/workflows/zizmor.yml +++ b/.github/workflows/zizmor.yml @@ -16,7 +16,7 @@ jobs: security-events: write # Required for upload-sarif (used by zizmor-action) to upload SARIF files. steps: - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/check-update-uv-lock/action.yml b/check-update-uv-lock/action.yml index b9f87b4..d481cd3 100644 --- a/check-update-uv-lock/action.yml +++ b/check-update-uv-lock/action.yml @@ -12,7 +12,7 @@ runs: using: "composite" steps: - name: Install uv - uses: astral-sh/setup-uv@d4b2f3b6ecc6e67c4457f6d3e41ec42d3d0fcb86 # v5 + uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0 - name: Check if uv lock is up to date shell: bash id: check_uv_lock diff --git a/setup-deploy/action.yml b/setup-deploy/action.yml index 569b33b..624b994 100644 --- a/setup-deploy/action.yml +++ b/setup-deploy/action.yml @@ -19,7 +19,7 @@ runs: using: "composite" steps: - name: Clone ${{ inputs.repo }} repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: token: ${{ inputs.git-pat }} path: ${{ inputs.repo }}