build: update update workflow

To include a version number behind the actions with a SHA reference, so Dependabot will continue to update them from now on. Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2 years ago · 940b5c4fb9
parent 5ab9c01378
commit 940b5c4fb9
1 changed files with 3 additions and 3 deletions
--- a/.github/workflows/update.yaml
+++ b/.github/workflows/update.yaml
@ -18,9 +18,9 @@ jobs:
      pull-requests: write
    steps:
      - name: Check out code
-        uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c
+        uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
      - name: Setup Go
-        uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568
+        uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0
        with:
          go-version: 1.20.x
      - name: Update component versions
@ -81,7 +81,7 @@ jobs:

      - name: Create Pull Request
        id: cpr
-        uses: peter-evans/create-pull-request@2b011faafdcbc9ceb11414d64d0573f37c774b04 # v4
+        uses: peter-evans/create-pull-request@2b011faafdcbc9ceb11414d64d0573f37c774b04 # v4.2.3
        with:
          token: ${{ secrets.BOT_GITHUB_TOKEN }}
          commit-message: |