PandABlocks · dependabot · Jun 17, 2024
diff --git a/.github/workflows/_container.yml b/.github/workflows/_container.yml
@@ -25,7 +25,7 @@ jobs:
  password: ${{ secrets.GITHUB_TOKEN }}
 
  - name: Build and export to Docker local cache
- uses: docker/build-push-action@v5
+ uses: docker/build-push-action@v6
  with:
  context: .
  # Need load and tags so we can test it below
@@ -46,7 +46,7 @@ jobs:
 
  - name: Push cached image to container registry
  if: github.ref_type == 'tag'
- uses: docker/build-push-action@v5
+ uses: docker/build-push-action@v6
  # This does not build the image again, it will find the image in the
  # Docker cache and publish it
  with:

diff --git a/.github/workflows/_docs.yml b/.github/workflows/_docs.yml
@@ -47,7 +47,7 @@ jobs:
  if: github.ref_type == 'tag' || github.ref_name == 'main'
  # We pin to the SHA, not the tag, for security reasons.
  # https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#using-third-party-actions
- uses: peaceiris/actions-gh-pages@373f7f263a76c20808c831209c920827a82a2847 # v3.9.3
+ uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4.0.0
  with:
  github_token: ${{ secrets.GITHUB_TOKEN }}
  publish_dir: .github/pages

diff --git a/.github/workflows/_release.yml b/.github/workflows/_release.yml
@@ -23,7 +23,7 @@ jobs:
  - name: Create GitHub Release
  # We pin to the SHA, not the tag, for security reasons.
  # https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#using-third-party-actions
- uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v0.1.15
+ uses: softprops/action-gh-release@69320dbe05506a9a39fc8ae11030b214ec2d1f87 # v0.1.15
  with:
  prerelease: ${{ contains(github.ref_name, 'a') || contains(github.ref_name, 'b') || contains(github.ref_name, 'rc') }}
  files: "*"