Skip to content

Commit 7a8c9a2

Browse files
authored
Update GitHub Actions to use newer versions of checkout and zizmor
I don't know why dependabot didn't bump these, when it just did in another public repo I'm working on with the same dependabot config… Signed-off-by: Colin Dean <colindean@users.noreply.github.com>
1 parent 1ef1310 commit 7a8c9a2

1 file changed

Lines changed: 2 additions & 2 deletions

File tree

.github/workflows/zizmor.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -18,9 +18,9 @@ jobs:
1818
# actions: read # Only needed for private repos. Needed for upload-sarif to read workflow run info.
1919
steps:
2020
- name: Checkout repository
21-
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
21+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
2222
with:
2323
persist-credentials: false
2424

2525
- name: Run zizmor 🌈
26-
uses: zizmorcore/zizmor-action@e673c3917a1aef3c65c972347ed84ccd013ecda4 # v0.2.0
26+
uses: zizmorcore/zizmor-action@135698455da5c3b3e55f73f4419e481ab68cdd95 # v0.4.1

0 commit comments

Comments
 (0)