chore(deps): pin dependencies (#15)

renovate-bot · averikitsch · web-flow · commit 2dfe1b6d8edf · 2025-09-30T10:04:09.000-07:00
Co-authored-by: Averi Kitsch &lt;akitsch@google.com&gt;
diff --git a/.github/workflows/markdown-checks.yml b/.github/workflows/markdown-checks.yml
@@ -27,7 +27,7 @@ jobs:
         uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5
 
       - name: Link Checker
-        uses: lycheeverse/lychee-action@v2.0.2
+        uses: lycheeverse/lychee-action@885c65f3dc543b57c898c8099f4e08c8afd178a2 # v2.6.1
         with:
           # There is no security token. So, it would fail on any links which aren't public.
           args: "--verbose --no-progress **/*.md"
diff --git a/.github/workflows/package-and-upload-assets.yml b/.github/workflows/package-and-upload-assets.yml
@@ -102,7 +102,7 @@ jobs:
           echo "ARCHIVE_PATH=${ARCHIVE_NAME}" >> $GITHUB_OUTPUT
 
       - name: Upload archive as workflow artifact
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
         with:
           name: ${{ steps.vars.outputs.archive_name }}
           path: ${{ steps.create_archive.outputs.ARCHIVE_PATH }}
