diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1ff6f62..7a98ff6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -32,7 +32,7 @@ jobs: run: npm ci - name: Create Release PR or publish to GitHub Releases - uses: changesets/action@63a615b9cd06ba9a3e6d13796c7fbcb080a60a0b # v1 + uses: changesets/action@a45c4d594aa4e2c509dc14a9f2b3b67ba3780d0d # v1 with: # `version` updates package.json + CHANGELOG.md from pending changesets # and opens / updates a "Version Packages" PR. Merging that PR triggers diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 51cf914..100169d 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -29,7 +29,7 @@ jobs: fetch-depth: 0 - name: Run gitleaks - uses: gitleaks/gitleaks-action@ff98106e4c7b2bc287b24eaf42907196329070c7 # v2 + uses: gitleaks/gitleaks-action@e0c47f4f8be36e29cdc102c57e68cb5cbf0e8d1e # v3.0.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITLEAKS_CONFIG: .gitleaks.toml