From 940b5c4fb9845f0ef99a672011c25a00a6df0d6c Mon Sep 17 00:00:00 2001
From: Hidde Beydals <hidde@hhh.computer>
Date: Wed, 8 Mar 2023 19:57:13 +0100
Subject: [PATCH] build: update update workflow

To include a version number behind the actions with a SHA reference, so
Dependabot will continue to update them from now on.

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
---
 .github/workflows/update.yaml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/update.yaml b/.github/workflows/update.yaml
index 5de2bb60..234cdabc 100644
--- a/.github/workflows/update.yaml
+++ b/.github/workflows/update.yaml
@@ -18,9 +18,9 @@ jobs:
       pull-requests: write
     steps:
       - name: Check out code
-        uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c
+        uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
       - name: Setup Go
-        uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568
+        uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0
         with:
           go-version: 1.20.x
       - name: Update component versions
@@ -81,7 +81,7 @@ jobs:
 
       - name: Create Pull Request
         id: cpr
-        uses: peter-evans/create-pull-request@2b011faafdcbc9ceb11414d64d0573f37c774b04 # v4
+        uses: peter-evans/create-pull-request@2b011faafdcbc9ceb11414d64d0573f37c774b04 # v4.2.3
         with:
           token: ${{ secrets.BOT_GITHUB_TOKEN }}
           commit-message: |