chore(deps): update workflows

renovate[bot] · web-flow · commit 1776a73cdeb7 · 2026-04-10T17:38:56.000Z
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -45,11 +45,11 @@ jobs:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
-      - uses: astral-sh/ruff-action@57714a7c8a2e59f32539362ba31877a1957dded1 # v3.5.1
+      - uses: astral-sh/ruff-action@4919ec5cf1f49eff0871dbcea0da843445b837e6 # v3.6.1
         with:
           version-file: 'pyproject.toml'
           args: 'check'
-      - uses: astral-sh/ruff-action@57714a7c8a2e59f32539362ba31877a1957dded1 # v3.5.1
+      - uses: astral-sh/ruff-action@4919ec5cf1f49eff0871dbcea0da843445b837e6 # v3.6.1
         with:
           version-file: 'pyproject.toml'
           args: 'format --check --diff'
@@ -107,5 +107,5 @@ jobs:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
-      - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
+      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
       - run: npx prettier --check .
diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml
@@ -36,7 +36,7 @@ jobs:
           echo "🤖 beep boop - looks like there's some changes to the advisories!" > pr-body
           echo "" >> pr-body
           poetry run scripts/list_changed_advisories.py >> pr-body
-      - uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0
+      - uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1
         with:
           token: ${{ secrets.GENERATOR_GH_TOKEN }}
           title: 'feat: update advisories'
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -75,6 +75,6 @@ jobs:
       # Upload the results to GitHub's code scanning dashboard (optional).
       # Commenting out will disable upload of results to your repo's Code Scanning dashboard
       - name: 'Upload to code-scanning'
-        uses: github/codeql-action/upload-sarif@19b2f06db2b6f5108140aeb04014ef02b648f789 # v4.31.11
+        uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
         with:
           sarif_file: results.sarif
