From 427820b4769b9c2b26ce62e92fbaecb4fa23368d Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Wed, 8 Jan 2025 01:28:13 +0000
Subject: [PATCH] Pin dependencies

---
 .github/workflows/pixi.yml             |  4 ++--
 .github/workflows/pre-commit.yml       |  6 +++---
 .github/workflows/publish.yml          |  8 ++++----
 .github/workflows/test_and_package.yml | 12 ++++++------
 4 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/.github/workflows/pixi.yml b/.github/workflows/pixi.yml
index 66f38f7..2f425ff 100644
--- a/.github/workflows/pixi.yml
+++ b/.github/workflows/pixi.yml
@@ -20,12 +20,12 @@ jobs:
           - macos-latest
           - ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
         with:
           # so versioningit can figure out the version
           fetch-depth: 0
           fetch-tags: true
-      - uses: prefix-dev/setup-pixi@v0.8.1
+      - uses: prefix-dev/setup-pixi@ba3bb36eb2066252b2363392b7739741bb777659 # v0.8.1
         # with:
         #   cache: true
         #   cache-write: ${{ github.event_name == 'push' && github.ref_name == 'main' }}
diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml
index 795bdfe..243b0b6 100644
--- a/.github/workflows/pre-commit.yml
+++ b/.github/workflows/pre-commit.yml
@@ -13,6 +13,6 @@ jobs:
   pre-commit:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-python@v5
-      - uses: pre-commit/action@v3.0.1
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+      - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5
+      - uses: pre-commit/action@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd # v3.0.1
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 459a3c8..83f61e4 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -37,7 +37,7 @@ jobs:
 
     steps:
       - name: Download all the dists
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
         with:
           name: python-package-distributions-${{ env.PYTHON_VERSION }}
           path: dist/
@@ -65,7 +65,7 @@ jobs:
 
     steps:
       - name: Download all the dists
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
         with:
           name: python-package-distributions-${{ env.PYTHON_VERSION }}
           path: dist/
@@ -90,12 +90,12 @@ jobs:
 
     steps:
       - name: Download all the dists
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
         with:
           name: python-package-distributions-${{ env.PYTHON_VERSION }}
           path: dist/
       - name: Sign the dists with Sigstore
-        uses: sigstore/gh-action-sigstore-python@v3.0.0
+        uses: sigstore/gh-action-sigstore-python@f514d46b907ebcd5bedc05145c03b69c1edd8b46 # v3.0.0
         with:
           inputs: >-
             ./dist/*.tar.gz
diff --git a/.github/workflows/test_and_package.yml b/.github/workflows/test_and_package.yml
index 1409f19..7072776 100644
--- a/.github/workflows/test_and_package.yml
+++ b/.github/workflows/test_and_package.yml
@@ -32,13 +32,13 @@ jobs:
       run:
         shell: "bash -l {0}"
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
         with:
           # so versioningit can figure out the version
           fetch-depth: 0
           fetch-tags: true
       - name: Set up Python ${{ matrix.python-version }} with conda
-        uses: conda-incubator/setup-miniconda@v3
+        uses: conda-incubator/setup-miniconda@d2e6a045a86077fb6cad6f5adf368e9076ddaa8d # v3
         with:
           activate-environment: test
           auto-activate-base: false
@@ -66,7 +66,7 @@ jobs:
           cd docs
           make html
       - name: GitHub Pages deploy
-        uses: JamesIves/github-pages-deploy-action@v4.7.2
+        uses: JamesIves/github-pages-deploy-action@15de0f09300eea763baee31dff6c6184995c5f6a # v4.7.2
         with:
           branch: gh-pages
           folder: docs/build/html
@@ -81,7 +81,7 @@ jobs:
         run: |
           python -m twine check ./dist/*
       - name: Store the distribution packages
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4
         with:
           name: python-package-distributions-${{ matrix.python-version }}
           path: ./dist
@@ -101,11 +101,11 @@ jobs:
           - 3.11
           - 3.12
     steps:
-      - uses: actions/setup-python@v5
+      - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5
         with:
           python-version: ${{ matrix.python-version }}
       - name: Download the distribution packages
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
         with:
           name: python-package-distributions-${{ matrix.python-version }}
           path: ./dist