From 6e7079b5efa2a0d77661939aed06c02bcfd84efa Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 20 Apr 2026 09:04:41 +0000
Subject: [PATCH] Update github actions

---
 .github/workflows/build.yaml         | 4 ++--
 .github/workflows/label-pr-size.yaml | 2 +-
 .github/workflows/scorecards.yml     | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 6f61567a..9f9ca9a1 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -33,14 +33,14 @@ jobs:
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Setup NodeJS environment
-        uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
           node-version-file: 'antora/package.json'
           cache: 'npm'
           cache-dependency-path: 'antora/package-lock.json'
 
       - name: Setup Go environment
-        uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
+        uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
         with:
           go-version-file: website/go.mod
           cache: true
diff --git a/.github/workflows/label-pr-size.yaml b/.github/workflows/label-pr-size.yaml
index 9df05b5c..226cf53c 100644
--- a/.github/workflows/label-pr-size.yaml
+++ b/.github/workflows/label-pr-size.yaml
@@ -29,4 +29,4 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Label PR by size
-        uses: conforma/pr-size-label-action@v1.0.0
+        uses: conforma/pr-size-label-action@v1.2.0
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index 10dcbfb8..ea7652aa 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -31,7 +31,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
+        uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0
         with:
           egress-policy: audit
           disable-telemetry: true
@@ -72,6 +72,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@19b2f06db2b6f5108140aeb04014ef02b648f789 # v4.31.11
+        uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
         with:
           sarif_file: results.sarif