From 48fbcc7740e99062dfb2e287863f4f0759e6aec2 Mon Sep 17 00:00:00 2001
From: Renovate Bot <renovate@nodus.to>
Date: Tue, 16 Jun 2026 03:33:40 +0000
Subject: [PATCH] chore(deps): pin dependencies

---
 .github/workflows/ci.yml          | 2 +-
 .github/workflows/claude.yml      | 2 +-
 .github/workflows/pr-autofix.yml  | 2 +-
 .github/workflows/release.yml     | 2 +-
 .github/workflows/secret-scan.yml | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index a27ecda..7104c7f 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -19,7 +19,7 @@ jobs:
         node: [20, 22, 24]
     steps:
       - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
-      - uses: pnpm/action-setup@0e279bb959325dab635dd2c09392533439d90093 # v6
+      - uses: pnpm/action-setup@0ebf47130e4866e96fce0953f49152a61190b271 # v6
         # Reads the pnpm version from package.json's `packageManager` field.
       - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
         with:
diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml
index 40945df..adb14c4 100644
--- a/.github/workflows/claude.yml
+++ b/.github/workflows/claude.yml
@@ -15,7 +15,7 @@ on:
 
 jobs:
   claude:
-    uses: getnodus/workflow/.github/workflows/claude.yml@38be6980f5dd3ed24935b483a309206d85c0611f # main
+    uses: getnodus/workflow/.github/workflows/claude.yml@e4bc4747b352fdc3a0099c44cffdb972d105e785 # main
     permissions:
       contents: read
       pull-requests: read
diff --git a/.github/workflows/pr-autofix.yml b/.github/workflows/pr-autofix.yml
index 1483f17..99a75b1 100644
--- a/.github/workflows/pr-autofix.yml
+++ b/.github/workflows/pr-autofix.yml
@@ -13,7 +13,7 @@ on:
 
 jobs:
   call:
-    uses: getnodus/workflow/.github/workflows/pr-autofix.yml@38be6980f5dd3ed24935b483a309206d85c0611f # main
+    uses: getnodus/workflow/.github/workflows/pr-autofix.yml@e4bc4747b352fdc3a0099c44cffdb972d105e785 # main
     permissions:
       contents: write
       pull-requests: write
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 7e93088..f84014e 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -18,7 +18,7 @@ jobs:
       discussions: write
     steps:
       - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
-      - uses: pnpm/action-setup@0e279bb959325dab635dd2c09392533439d90093 # v6
+      - uses: pnpm/action-setup@0ebf47130e4866e96fce0953f49152a61190b271 # v6
         # Reads the pnpm version from package.json's `packageManager` field.
       - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
         with:
diff --git a/.github/workflows/secret-scan.yml b/.github/workflows/secret-scan.yml
index 062fb69..e7afa4a 100644
--- a/.github/workflows/secret-scan.yml
+++ b/.github/workflows/secret-scan.yml
@@ -14,7 +14,7 @@ jobs:
     name: Scan for secrets
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
         with:
           fetch-depth: 0