diff --git a/template/.github/workflows/build.yml b/template/.github/workflows/build.yml index 9d994a0..39b4fbc 100644 --- a/template/.github/workflows/build.yml +++ b/template/.github/workflows/build.yml @@ -34,7 +34,7 @@ jobs: - name: Check package run: pixi run check-wheel - name: Upload package - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: artifact path: dist/* diff --git a/template/.github/workflows/scorecard.yml.jinja b/template/.github/workflows/scorecard.yml.jinja index 896fe96..b70d3e3 100644 --- a/template/.github/workflows/scorecard.yml.jinja +++ b/template/.github/workflows/scorecard.yml.jinja @@ -68,7 +68,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: SARIF file path: results.sarif diff --git a/template/.github/workflows/{% if add_autobump_workflow %}update-lockfiles.yml{% endif %} b/template/.github/workflows/{% if add_autobump_workflow %}update-lockfiles.yml{% endif %} index 1062c8e..06da992 100644 --- a/template/.github/workflows/{% if add_autobump_workflow %}update-lockfiles.yml{% endif %} +++ b/template/.github/workflows/{% if add_autobump_workflow %}update-lockfiles.yml{% endif %} @@ -21,7 +21,7 @@ jobs: run: | pixi update --json --no-install | pixi exec pixi-diff-to-markdown >> diff.md - name: Create pull request - uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0 + uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1 with: token: ${{ secrets.GITHUB_TOKEN }} commit-message: Update pixi lockfile