From 4d8a1d7619e2b6482542fef857d960153042ed77 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Tue, 19 Mar 2024 22:18:45 +0100
Subject: [PATCH 1/2] Enable dependabot

To make sure our actions stay up to date
---
 .github/dependabot.yml | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 000000000..8533557df
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,9 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "monthly"
+    open-pull-requests-limit: 2

From 3fc9239a81fa17ed17533be8fb99680b9e8204fc Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Tue, 19 Mar 2024 22:21:20 +0100
Subject: [PATCH 2/2] ci: Pull in specific action commits

Let's copy what the systemd repo does. The specific commits are
the same ones used by the systemd repository.
---
 .github/workflows/ci.yml                      | 4 ++--
 .github/workflows/codeql.yml                  | 8 ++++----
 .github/workflows/differential-shellcheck.yml | 4 ++--
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 8abeffd09..054e9dfee 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -15,7 +15,7 @@ jobs:
       group: ${{ github.workflow }}-${{ github.ref }}
       cancel-in-progress: true
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
 
     - name: Install
       run: |
@@ -122,7 +122,7 @@ jobs:
             tools: arch
 
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
     - uses: ./
 
     # Freeing up disk space with rm -rf can take multiple minutes. Since we don't need the extra free space
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 24b572726..54d1d7bac 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -32,16 +32,16 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v3
+      uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
 
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
+      uses: github/codeql-action/init@3ab4101902695724f9365a384f86c1074d94e18c
       with:
         languages: ${{ matrix.language }}
         queries: +security-extended,security-and-quality
 
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v2
+      uses: github/codeql-action/autobuild@3ab4101902695724f9365a384f86c1074d94e18c
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
+      uses: github/codeql-action/analyze@3ab4101902695724f9365a384f86c1074d94e18c
diff --git a/.github/workflows/differential-shellcheck.yml b/.github/workflows/differential-shellcheck.yml
index 84dcf5355..37f1dafcb 100644
--- a/.github/workflows/differential-shellcheck.yml
+++ b/.github/workflows/differential-shellcheck.yml
@@ -22,11 +22,11 @@ jobs:
 
     steps:
       - name: Repository checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
         with:
           fetch-depth: 0
 
       - name: Differential ShellCheck
-        uses: redhat-plumbers-in-action/differential-shellcheck@v4
+        uses: redhat-plumbers-in-action/differential-shellcheck@b9df2a9417f69c056e0aeaf870abd9a2065a403e
         with:
           token: ${{ secrets.GITHUB_TOKEN }}