chore(deps): update github-actions

.github/workflows/auto-update-contributors.yml

@@ -18,7 +18,7 @@ jobs:
     timeout-minutes: 5
     steps:
       - name: Contribute List
-        uses: akhilmhdh/contributors-readme-action@098389139f2fabed92e52606268941dbff381edb # renovate: tag=v2.3.6
+        uses: akhilmhdh/contributors-readme-action@1ff4c56187458b34cd602aee93e897344ce34bfc # v2.3.10
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           use_username: true

.github/workflows/cache-trunk.yml

@@ -22,6 +22,6 @@ jobs:
       - name: Checkout
         uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
       - name: Trunk Check
-        uses: trunk-io/trunk-action@65228585e2c6128315f0f2d5190e2eae7f5c32c6 # v1
+        uses: trunk-io/trunk-action@86b68ffae610a05105e90b1f52ad8c549ef482c2 # v1
         with:
           check-mode: populate_cache_only

.github/workflows/changie-trigger-release.yml

@@ -17,7 +17,7 @@ jobs:
     name: dependency-release
     steps:
       - name: checkout-repo
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
         with:
           fetch-depth: 0 # Ensures a full checkout
       - name: configure-default-git-committer

.github/workflows/conventional-pr.yml

@@ -19,7 +19,7 @@ jobs:
     permissions:
       pull-requests: read
     steps:
-      - uses: amannn/action-semantic-pull-request@e9fabac35e210fea40ca5b14c0da95a099eff26f # v5
+      - uses: amannn/action-semantic-pull-request@0723387faaf9b38adef4775cd42cfd5155ed6017 # v5
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:

.github/workflows/lint-post-annotations.yml

@@ -17,6 +17,6 @@ jobs:
         uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
 
       - name: Trunk Check
-        uses: trunk-io/trunk-action@718b71fb3e4d83f6734f0c372d92ee7d4c9976d7 # v1.1.11
+        uses: trunk-io/trunk-action@86b68ffae610a05105e90b1f52ad8c549ef482c2 # v1.1.16
         with:
           post-annotations: true # only for fork PRs

.github/workflows/lint.yml

@@ -41,6 +41,6 @@ jobs:
           AQUA_LOG_LEVEL: debug
           AQUA_OPTS: ''
       - name: trunk-check
-        uses: trunk-io/trunk-action@718b71fb3e4d83f6734f0c372d92ee7d4c9976d7 # v1.1.11
+        uses: trunk-io/trunk-action@86b68ffae610a05105e90b1f52ad8c549ef482c2 # v1.1.16
         with:
           arguments: --github-annotate-new-only=true

.github/workflows/scan.yml

@@ -53,7 +53,7 @@ jobs:
       # This should be informational, and not block as it's experimental and no exclusion logic at this time that I've found.
       # https://go.dev/security/vuln/#feedback
       - name: govuln-scan
-        uses: elgohr/go-vulncheck-action@7221c716360fe4f53422dc89fb726d138cd0a27b # renovate tag=v1
+        uses: elgohr/go-vulncheck-action@e73217f293105d5418d631c4d308eb0c27943f1d # renovate tag=v1
         continue-on-error: true
       # - name: mage-vulcheck
       #   run: |
@@ -76,7 +76,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@c2dc67199a2e650d535d7de586a07597aea4d9c7 # v2
+        uses: github/codeql-action/init@e113c555ef0956479345cfc3ed530c938d670db0 # v2
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -89,7 +89,7 @@ jobs:
       # Autobuild attempts to build any compiled languages  (C/C++, C#, Go, or Java).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@c2dc67199a2e650d535d7de586a07597aea4d9c7 # v2
+        uses: github/codeql-action/autobuild@e113c555ef0956479345cfc3ed530c938d670db0 # v2
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -101,6 +101,6 @@ jobs:
       #   ./location_of_script_within_repo/buildscript.sh
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@c2dc67199a2e650d535d7de586a07597aea4d9c7 # v2
+        uses: github/codeql-action/analyze@e113c555ef0956479345cfc3ed530c938d670db0 # v2
         with:
           category: '/language:${{matrix.language}}'