Merge pull request #2545 from theupdateframework/dependabot/github_ac…

…tions/action-dependencies-61aaf34304 build(deps): bump the action-dependencies group with 2 updates
theupdateframework · Jan 23, 2024 · aec57af · aec57af
2 parents bbe2ca8 + ef913dc
commit aec57af
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
@@ -34,7 +34,7 @@ jobs:
         run: PIP_CONSTRAINT=requirements/build.txt python3 -m build --sdist --wheel --outdir dist/ .
 
       - name: Store build artifacts
-        uses: actions/upload-artifact@1eb3cb2b3e0f29609092a73eb033bb759a334595 # v4.1.0
+        uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0
         # NOTE: The GitHub release page contains the release artifacts too, but using
         # GitHub upload/download actions seems robuster: there is no need to compute
         # download URLs and tampering with artifacts between jobs is more limited.

diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -18,4 +18,4 @@ jobs:
       - name: 'Checkout Repository'
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
       - name: 'Dependency Review'
-        uses: actions/dependency-review-action@v3 # unpinned since this is not security critical
+        uses: actions/dependency-review-action@v4 # unpinned since this is not security critical