[llvm] Update [Github] Update GHA Dependencies (PR #173804)

Mend Renovate via llvm-commits llvm-commits at lists.llvm.org
Sun Dec 28 16:23:06 PST 2025 

https://github.com/renovate-bot created https://github.com/llvm/llvm-project/pull/173804

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [EnricoMi/publish-unit-test-result-action](https://redirect.github.com/EnricoMi/publish-unit-test-result-action) | action | minor | `v2.21.0` -> `v2.22.0` |
| [actions/attest-build-provenance](https://redirect.github.com/actions/attest-build-provenance) | action | minor | `v3.0.0` -> `v3.1.0` |
| ghcr.io/llvm/ci-ubuntu-24.04-abi-tests | container | digest | `9138b6a` -> `933e952` |
| [github/codeql-action](https://redirect.github.com/github/codeql-action) | action | patch | `v4.31.6` -> `v4.31.9` |
| llvm/actions | action | digest | `5dd9550` -> `89a8cf8` |
| [tj-actions/changed-files](https://redirect.github.com/tj-actions/changed-files) | action | patch | `v47.0.0` -> `v47.0.1` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

### Release Notes

<details>
<summary>EnricoMi/publish-unit-test-result-action (EnricoMi/publish-unit-test-result-action)</summary>

### [`v2.22.0`](https://redirect.github.com/EnricoMi/publish-unit-test-result-action/releases/tag/v2.22.0)

[Compare Source](https://redirect.github.com/EnricoMi/publish-unit-test-result-action/compare/v2.21.0...v2.22.0)

Adds the following improvements:

- Upgrade all Python dependencies to latest version [#​710](https://redirect.github.com/EnricoMi/publish-unit-test-result-action/issues/710)

**Full Changelog**: <https://github.com/EnricoMi/publish-unit-test-result-action/compare/v2.21.0...v2.22.0>

</details>

<details>
<summary>actions/attest-build-provenance (actions/attest-build-provenance)</summary>

### [`v3.1.0`](https://redirect.github.com/actions/attest-build-provenance/releases/tag/v3.1.0)

[Compare Source](https://redirect.github.com/actions/attest-build-provenance/compare/v3.0.0...v3.1.0)

#### What's Changed

- Prepare v3 release by [@​bdehamer](https://redirect.github.com/bdehamer) in [#​697](https://redirect.github.com/actions/attest-build-provenance/pull/697)
- Bump js-yaml from 3.14.1 to 3.14.2 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​749](https://redirect.github.com/actions/attest-build-provenance/pull/749)
- Bump tar from 7.5.1 to 7.5.2 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​753](https://redirect.github.com/actions/attest-build-provenance/pull/753)
- Bump glob from 10.4.5 to 10.5.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​754](https://redirect.github.com/actions/attest-build-provenance/pull/754)
- Bump [@​types/node](https://redirect.github.com/types/node) from 24.10.1 to 25.0.2 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​774](https://redirect.github.com/actions/attest-build-provenance/pull/774)
- Bump [@​actions/attest](https://redirect.github.com/actions/attest) from 1.6.0 to 2.0.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​736](https://redirect.github.com/actions/attest-build-provenance/pull/736)
- Bump [@​actions/attest](https://redirect.github.com/actions/attest) from 2.0.0 to 2.1.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​775](https://redirect.github.com/actions/attest-build-provenance/pull/775)
- Add support for creating artifact metadata storage records by [@​malancas](https://redirect.github.com/malancas) in [#​779](https://redirect.github.com/actions/attest-build-provenance/pull/779)

#### New Contributors

- [@​malancas](https://redirect.github.com/malancas) made their first contribution in [#​779](https://redirect.github.com/actions/attest-build-provenance/pull/779)

**Full Changelog**: <https://github.com/actions/attest-build-provenance/compare/v3...v3.1.0>

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

### [`v4.31.9`](https://redirect.github.com/github/codeql-action/compare/v4.31.8...v4.31.9)

[Compare Source](https://redirect.github.com/github/codeql-action/compare/v4.31.8...v4.31.9)

### [`v4.31.8`](https://redirect.github.com/github/codeql-action/releases/tag/v4.31.8)

[Compare Source](https://redirect.github.com/github/codeql-action/compare/v4.31.7...v4.31.8)

##### CodeQL Action Changelog

See the [releases page](https://redirect.github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs.

##### 4.31.8 - 11 Dec 2025

- Update default CodeQL bundle version to 2.23.8. [#​3354](https://redirect.github.com/github/codeql-action/pull/3354)

See the full [CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v4.31.8/CHANGELOG.md) for more information.

### [`v4.31.7`](https://redirect.github.com/github/codeql-action/releases/tag/v4.31.7)

[Compare Source](https://redirect.github.com/github/codeql-action/compare/v4.31.6...v4.31.7)

##### CodeQL Action Changelog

See the [releases page](https://redirect.github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs.

##### 4.31.7 - 05 Dec 2025

- Update default CodeQL bundle version to 2.23.7. [#​3343](https://redirect.github.com/github/codeql-action/pull/3343)

See the full [CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v4.31.7/CHANGELOG.md) for more information.

</details>

<details>
<summary>tj-actions/changed-files (tj-actions/changed-files)</summary>

### [`v47.0.1`](https://redirect.github.com/tj-actions/changed-files/releases/tag/v47.0.1)

[Compare Source](https://redirect.github.com/tj-actions/changed-files/compare/v47.0.0...v47.0.1)

#### What's Changed

- Upgraded to v47 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​2663](https://redirect.github.com/tj-actions/changed-files/pull/2663)
- chore(deps-dev): bump [@​types/node](https://redirect.github.com/types/node) from 24.3.1 to 24.4.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2664](https://redirect.github.com/tj-actions/changed-files/pull/2664)
- chore(deps-dev): bump ts-jest from 29.4.1 to 29.4.3 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2671](https://redirect.github.com/tj-actions/changed-files/pull/2671)
- chore(deps-dev): bump [@​vercel/ncc](https://redirect.github.com/vercel/ncc) from 0.38.3 to 0.38.4 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2670](https://redirect.github.com/tj-actions/changed-files/pull/2670)
- chore(deps-dev): bump [@​types/uuid](https://redirect.github.com/types/uuid) from 10.0.0 to 11.0.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2668](https://redirect.github.com/tj-actions/changed-files/pull/2668)
- chore(deps-dev): bump [@​types/node](https://redirect.github.com/types/node) from 24.4.0 to 24.5.2 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2669](https://redirect.github.com/tj-actions/changed-files/pull/2669)
- chore(deps): bump github/codeql-action from 3.30.3 to 3.30.4 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2675](https://redirect.github.com/tj-actions/changed-files/pull/2675)
- chore(deps-dev): bump ts-jest from 29.4.3 to 29.4.4 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2672](https://redirect.github.com/tj-actions/changed-files/pull/2672)
- chore(deps): bump github/codeql-action from 3.30.4 to 3.30.5 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2676](https://redirect.github.com/tj-actions/changed-files/pull/2676)
- chore(deps-dev): bump jest from 30.1.3 to 30.2.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2677](https://redirect.github.com/tj-actions/changed-files/pull/2677)
- chore(deps-dev): bump [@​types/node](https://redirect.github.com/types/node) from 24.5.2 to 24.6.1 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2679](https://redirect.github.com/tj-actions/changed-files/pull/2679)
- chore(deps-dev): bump [@​types/node](https://redirect.github.com/types/node) from 24.6.1 to 24.6.2 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2681](https://redirect.github.com/tj-actions/changed-files/pull/2681)
- chore(deps): bump github/codeql-action from 3.30.5 to 3.30.6 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2680](https://redirect.github.com/tj-actions/changed-files/pull/2680)
- chore(deps-dev): bump [@​types/node](https://redirect.github.com/types/node) from 24.6.2 to 24.9.1 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2695](https://redirect.github.com/tj-actions/changed-files/pull/2695)
- chore(deps): bump github/codeql-action from 3.30.6 to 4.30.9 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2693](https://redirect.github.com/tj-actions/changed-files/pull/2693)
- chore(deps): bump actions/setup-node from 5.0.0 to 6.0.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2690](https://redirect.github.com/tj-actions/changed-files/pull/2690)
- chore(deps): bump github/codeql-action from 4.30.9 to 4.31.2 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2702](https://redirect.github.com/tj-actions/changed-files/pull/2702)
- chore(deps-dev): bump [@​types/node](https://redirect.github.com/types/node) from 24.9.1 to 24.9.2 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2700](https://redirect.github.com/tj-actions/changed-files/pull/2700)
- chore(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2698](https://redirect.github.com/tj-actions/changed-files/pull/2698)
- chore(deps): bump actions/download-artifact from 5.0.0 to 6.0.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2697](https://redirect.github.com/tj-actions/changed-files/pull/2697)
- chore(deps-dev): bump [@​types/micromatch](https://redirect.github.com/types/micromatch) from 4.0.9 to 4.0.10 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2699](https://redirect.github.com/tj-actions/changed-files/pull/2699)
- chore(deps-dev): bump ts-jest from 29.4.4 to 29.4.5 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2688](https://redirect.github.com/tj-actions/changed-files/pull/2688)
- chore(deps-dev): bump [@​types/node](https://redirect.github.com/types/node) from 24.9.2 to 24.10.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2707](https://redirect.github.com/tj-actions/changed-files/pull/2707)
- chore(deps): bump [@​octokit/rest](https://redirect.github.com/octokit/rest) from 22.0.0 to 22.0.1 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2705](https://redirect.github.com/tj-actions/changed-files/pull/2705)
- chore(deps-dev): bump eslint-plugin-jest from 29.0.1 to 29.1.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2710](https://redirect.github.com/tj-actions/changed-files/pull/2710)
- chore(deps-dev): bump [@​types/node](https://redirect.github.com/types/node) from 24.10.0 to 24.10.1 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2711](https://redirect.github.com/tj-actions/changed-files/pull/2711)
- chore(deps): bump github/codeql-action from 4.31.2 to 4.31.4 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2715](https://redirect.github.com/tj-actions/changed-files/pull/2715)
- chore(deps): bump actions/checkout from 5.0.0 to 5.0.1 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2714](https://redirect.github.com/tj-actions/changed-files/pull/2714)
- chore(deps): bump nrwl/nx-set-shas from 4.3.3 to 4.4.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2712](https://redirect.github.com/tj-actions/changed-files/pull/2712)
- chore(deps-dev): bump prettier from 3.6.2 to 3.7.1 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2722](https://redirect.github.com/tj-actions/changed-files/pull/2722)
- chore(deps): bump github/codeql-action from 4.31.4 to 4.31.5 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2720](https://redirect.github.com/tj-actions/changed-files/pull/2720)
- chore(deps-dev): bump eslint-plugin-jest from 29.1.0 to 29.2.1 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2719](https://redirect.github.com/tj-actions/changed-files/pull/2719)
- chore(deps-dev): bump [@​types/lodash](https://redirect.github.com/types/lodash) from 4.17.20 to 4.17.21 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2718](https://redirect.github.com/tj-actions/changed-files/pull/2718)
- chore(deps): bump peter-evans/create-pull-request from 7.0.8 to 7.0.9 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2717](https://redirect.github.com/tj-actions/changed-files/pull/2717)
- Updated README.md by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​2723](https://redirect.github.com/tj-actions/changed-files/pull/2723)
- chore(deps): bump yaml from 2.8.1 to 2.8.2 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2724](https://redirect.github.com/tj-actions/changed-files/pull/2724)
- chore(deps-dev): bump [@​types/node](https://redirect.github.com/types/node) from 24.10.1 to 25.0.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2738](https://redirect.github.com/tj-actions/changed-files/pull/2738)
- chore(deps): bump [@​actions/exec](https://redirect.github.com/actions/exec) from 1.1.1 to 2.0.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2737](https://redirect.github.com/tj-actions/changed-files/pull/2737)
- chore(deps-dev): bump ts-jest from 29.4.5 to 29.4.6 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2727](https://redirect.github.com/tj-actions/changed-files/pull/2727)
- chore(deps): bump peter-evans/create-pull-request from 7.0.9 to 8.0.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2735](https://redirect.github.com/tj-actions/changed-files/pull/2735)
- chore(deps): bump github/codeql-action from 4.31.5 to 4.31.7 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2732](https://redirect.github.com/tj-actions/changed-files/pull/2732)
- chore(deps): bump actions/setup-node from 6.0.0 to 6.1.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2730](https://redirect.github.com/tj-actions/changed-files/pull/2730)
- chore(deps-dev): bump prettier from 3.7.1 to 3.7.4 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2731](https://redirect.github.com/tj-actions/changed-files/pull/2731)
- chore(deps): bump [@​actions/core](https://redirect.github.com/actions/core) from 1.11.1 to 2.0.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2736](https://redirect.github.com/tj-actions/changed-files/pull/2736)
- chore(deps): bump actions/checkout from 6.0.0 to 6.0.1 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2729](https://redirect.github.com/tj-actions/changed-files/pull/2729)

**Full Changelog**: <https://github.com/tj-actions/changed-files/compare/v47...v47.0.1>

</details>

---

### Configuration

📅 **Schedule**: Branch creation - Between 12:00 AM and 12:59 AM, only on Monday ( * 0 * * 1 ) (UTC), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

â™» **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/llvm/llvm-project).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi41OS4wIiwidXBkYXRlZEluVmVyIjoiNDIuNTkuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->


>From 7c896dfd982bbd9fd243bc06896827c6b159c8df Mon Sep 17 00:00:00 2001
From: Mend Renovate <bot at renovateapp.com>
Date: Mon, 29 Dec 2025 00:22:53 +0000
Subject: [PATCH] Update [Github] Update GHA Dependencies

---
 .github/workflows/docs.yml                           | 2 +-
 .github/workflows/gha-codeql.yml                     | 4 ++--
 .github/workflows/hlsl-test-all.yaml                 | 2 +-
 .github/workflows/libclang-abi-tests.yml             | 4 ++--
 .github/workflows/llvm-abi-tests.yml                 | 4 ++--
 .github/workflows/new-issues.yml                     | 2 +-
 .github/workflows/pr-code-format.yml                 | 2 +-
 .github/workflows/pr-code-lint.yml                   | 2 +-
 .github/workflows/scorecard.yml                      | 2 +-
 .github/workflows/upload-release-artifact/action.yml | 2 +-
 10 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml
index d994fc478009e..010f4b7d9c624 100644
--- a/.github/workflows/docs.yml
+++ b/.github/workflows/docs.yml
@@ -60,7 +60,7 @@ jobs:
           fetch-depth: 2
       - name: Get subprojects that have doc changes
         id: docs-changed-subprojects
-        uses: tj-actions/changed-files at 24d32ffd492484c1d75e0c0b894501ddb9d30d62 # v47.0.0
+        uses: tj-actions/changed-files at e0021407031f5be11a464abee9a0776171c79891 # v47.0.1
         with:
           skip_initial_fetch: true
           base_sha: 'HEAD~1'
diff --git a/.github/workflows/gha-codeql.yml b/.github/workflows/gha-codeql.yml
index 10da1838cfeb3..7ae8b47de1e5a 100644
--- a/.github/workflows/gha-codeql.yml
+++ b/.github/workflows/gha-codeql.yml
@@ -29,9 +29,9 @@ jobs:
           sparse-checkout: |
             .github/
       - name: Initialize CodeQL
-        uses: github/codeql-action/init at fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
+        uses: github/codeql-action/init at 5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
         with:
           languages: actions
           queries: security-extended
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze at fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
+        uses: github/codeql-action/analyze at 5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
diff --git a/.github/workflows/hlsl-test-all.yaml b/.github/workflows/hlsl-test-all.yaml
index c8f948f97b95a..79b1276f4218a 100644
--- a/.github/workflows/hlsl-test-all.yaml
+++ b/.github/workflows/hlsl-test-all.yaml
@@ -75,7 +75,7 @@ jobs:
             ninja check-hlsl-unit
             ninja ${{ inputs.TestTarget }}
       - name: Publish Test Results
-        uses: EnricoMi/publish-unit-test-result-action/macos at 34d7c956a59aed1bfebf31df77b8de55db9bbaaf # v2.21.0
+        uses: EnricoMi/publish-unit-test-result-action/macos at 27d65e188ec43221b20d26de30f4892fad91df2f # v2.22.0
         if: always() && runner.os == 'macOS'
         with:
           comment_mode: off
diff --git a/.github/workflows/libclang-abi-tests.yml b/.github/workflows/libclang-abi-tests.yml
index 504c1eaa32028..3dfa70d368c42 100644
--- a/.github/workflows/libclang-abi-tests.yml
+++ b/.github/workflows/libclang-abi-tests.yml
@@ -85,7 +85,7 @@ jobs:
     needs: abi-dump-setup
     runs-on: ubuntu-24.04
     container:
-      image: "ghcr.io/llvm/ci-ubuntu-24.04-abi-tests at sha256:9138b6aea737d935e92ad2afdf5d49325880f9b187b5b979b135ac80cd456135" #ghcr.io/llvm/ci-ubuntu-24.04-abi-tests:9524b37c503f
+      image: "ghcr.io/llvm/ci-ubuntu-24.04-abi-tests at sha256:933e9522ef13ad26c22b4e5a49fac968d553bf1c3d4b90e29acec9b30b7b0f9d" #ghcr.io/llvm/ci-ubuntu-24.04-abi-tests:9524b37c503f
     strategy:
       matrix:
         name:
@@ -129,7 +129,7 @@ jobs:
     if: github.repository_owner == 'llvm'
     runs-on: ubuntu-24.04
     container:
-      image: "ghcr.io/llvm/ci-ubuntu-24.04-abi-tests at sha256:9138b6aea737d935e92ad2afdf5d49325880f9b187b5b979b135ac80cd456135" #ghcr.io/llvm/ci-ubuntu-24.04-abi-tests:9524b37c503f
+      image: "ghcr.io/llvm/ci-ubuntu-24.04-abi-tests at sha256:933e9522ef13ad26c22b4e5a49fac968d553bf1c3d4b90e29acec9b30b7b0f9d" #ghcr.io/llvm/ci-ubuntu-24.04-abi-tests:9524b37c503f
     needs:
       - abi-dump-setup
       - abi-dump
diff --git a/.github/workflows/llvm-abi-tests.yml b/.github/workflows/llvm-abi-tests.yml
index d29b7e01f3cc4..c99419f9a1910 100644
--- a/.github/workflows/llvm-abi-tests.yml
+++ b/.github/workflows/llvm-abi-tests.yml
@@ -73,7 +73,7 @@ jobs:
     needs: abi-dump-setup
     runs-on: ubuntu-24.04
     container:
-      image: "ghcr.io/llvm/ci-ubuntu-24.04-abi-tests at sha256:9138b6aea737d935e92ad2afdf5d49325880f9b187b5b979b135ac80cd456135" #ghcr.io/llvm/ci-ubuntu-24.04-abi-tests:bb0bd382ab2b"
+      image: "ghcr.io/llvm/ci-ubuntu-24.04-abi-tests at sha256:933e9522ef13ad26c22b4e5a49fac968d553bf1c3d4b90e29acec9b30b7b0f9d" #ghcr.io/llvm/ci-ubuntu-24.04-abi-tests:bb0bd382ab2b"
     strategy:
       matrix:
         name:
@@ -133,7 +133,7 @@ jobs:
     if: github.repository_owner == 'llvm'
     runs-on: ubuntu-24.04
     container:
-      image: "ghcr.io/llvm/ci-ubuntu-24.04-abi-tests at sha256:9138b6aea737d935e92ad2afdf5d49325880f9b187b5b979b135ac80cd456135" #ghcr.io/llvm/ci-ubuntu-24.04-abi-tests:bb0bd382ab2b
+      image: "ghcr.io/llvm/ci-ubuntu-24.04-abi-tests at sha256:933e9522ef13ad26c22b4e5a49fac968d553bf1c3d4b90e29acec9b30b7b0f9d" #ghcr.io/llvm/ci-ubuntu-24.04-abi-tests:bb0bd382ab2b
     needs:
       - abi-dump-setup
       - abi-dump
diff --git a/.github/workflows/new-issues.yml b/.github/workflows/new-issues.yml
index cbcf042ac53c1..3b372a632e3c8 100644
--- a/.github/workflows/new-issues.yml
+++ b/.github/workflows/new-issues.yml
@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-24.04
     if: github.repository == 'llvm/llvm-project'
     steps:
-      - uses: llvm/actions/issue-labeler at 5dd955034a6742a2e21d82bf165fcb1050ae7b49 # main
+      - uses: llvm/actions/issue-labeler at 89a8cf80982d830faab019237860b344a6390c30 # main
         with:
           repo-token: ${{ secrets.ISSUE_SUBSCRIBER_TOKEN }}
           configuration-path: .github/new-issues-labeler.yml
diff --git a/.github/workflows/pr-code-format.yml b/.github/workflows/pr-code-format.yml
index d65b196a34e6c..d4e338d778e5c 100644
--- a/.github/workflows/pr-code-format.yml
+++ b/.github/workflows/pr-code-format.yml
@@ -27,7 +27,7 @@ jobs:
 
       - name: Get changed files
         id: changed-files
-        uses: tj-actions/changed-files at 24d32ffd492484c1d75e0c0b894501ddb9d30d62 # v47.0.0
+        uses: tj-actions/changed-files at e0021407031f5be11a464abee9a0776171c79891 # v47.0.1
         with:
           separator: ","
           skip_initial_fetch: true
diff --git a/.github/workflows/pr-code-lint.yml b/.github/workflows/pr-code-lint.yml
index b314f740e59de..445a9638d2dc2 100644
--- a/.github/workflows/pr-code-lint.yml
+++ b/.github/workflows/pr-code-lint.yml
@@ -34,7 +34,7 @@ jobs:
       
       - name: Get changed files
         id: changed-files
-        uses: tj-actions/changed-files at 24d32ffd492484c1d75e0c0b894501ddb9d30d62 # v47.0.0
+        uses: tj-actions/changed-files at e0021407031f5be11a464abee9a0776171c79891 # v47.0.1
         with:
           separator: ","
           skip_initial_fetch: true
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index fc1a4ff31c88e..7317e126279ff 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -57,6 +57,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif at fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
+        uses: github/codeql-action/upload-sarif at 5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/upload-release-artifact/action.yml b/.github/workflows/upload-release-artifact/action.yml
index e8d00d0858395..7f2f485e9e02e 100644
--- a/.github/workflows/upload-release-artifact/action.yml
+++ b/.github/workflows/upload-release-artifact/action.yml
@@ -62,7 +62,7 @@ runs:
 
     - name: Attest Build Provenance
       id: provenance
-      uses: actions/attest-build-provenance at 977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0
+      uses: actions/attest-build-provenance at 00014ed6ed5efc5b1ab7f7f34a39eb55d41aa4f8 # v3.1.0
       with:
         subject-path: ${{ steps.download-artifact.outputs.download-path }}/*

More information about the llvm-commits mailing list