From e1f95120a5169456c3848aee02494f69f67090d7 Mon Sep 17 00:00:00 2001
From: Daniel Tschinder <code@tschinder.de>
Date: Fri, 27 Mar 2026 21:11:46 +0100
Subject: [PATCH 1/2] chore: automerge of digest updates

---
 renovate.json | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/renovate.json b/renovate.json
index 6d0704bfd0..d727a1ac5d 100644
--- a/renovate.json
+++ b/renovate.json
@@ -25,6 +25,11 @@
       "matchUpdateTypes": ["minor", "patch"],
       "automerge": true
     },
+    {
+      "matchManagers": ["github-actions"],
+      "matchUpdateTypes": ["digest"],
+      "automerge": true
+    },
     {
       "matchDepTypes": ["devDependencies"],
       "matchUpdateTypes": ["minor", "patch"],

From 8b54963a3eec251b499e44c9244cefbad7681a9a Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Fri, 27 Mar 2026 20:12:07 +0000
Subject: [PATCH 2/2] chore(deps): update github/codeql-action digest to
 c10b806

---
 .github/workflows/codeql-analysis.yml | 6 +++---
 .github/workflows/ossar-analysis.yml  | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 817ed7124e..3670ca039d 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -40,7 +40,7 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@38697555549f1db7851b81482ff19f1fa5c4fedc # v4
+      uses: github/codeql-action/init@c10b8064de6f491fea524254123dbe5e09572f13 # v4
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -51,7 +51,7 @@ jobs:
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
-      uses: github/codeql-action/autobuild@38697555549f1db7851b81482ff19f1fa5c4fedc # v4
+      uses: github/codeql-action/autobuild@c10b8064de6f491fea524254123dbe5e09572f13 # v4
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 https://git.io/JvXDl
@@ -65,4 +65,4 @@ jobs:
     #   make release
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@38697555549f1db7851b81482ff19f1fa5c4fedc # v4
+      uses: github/codeql-action/analyze@c10b8064de6f491fea524254123dbe5e09572f13 # v4
diff --git a/.github/workflows/ossar-analysis.yml b/.github/workflows/ossar-analysis.yml
index 3eeff8e8ec..9518e7acac 100644
--- a/.github/workflows/ossar-analysis.yml
+++ b/.github/workflows/ossar-analysis.yml
@@ -41,6 +41,6 @@ jobs:
 
       # Upload results to the Security tab
     - name: Upload OSSAR results
-      uses: github/codeql-action/upload-sarif@38697555549f1db7851b81482ff19f1fa5c4fedc # v4
+      uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4
       with:
         sarif_file: ${{ steps.ossar.outputs.sarifFile }}