From 8f732c3f717f4066a346f006f49e87ab3c7d9f2b Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 8 Dec 2025 09:29:59 +0000
Subject: [PATCH] chore(deps): update github actions

---
 .github/workflows/Comment-on-PR.yml            |  4 ++--
 .github/workflows/Notify-Convention-Change.yml |  2 +-
 .github/workflows/PR.yml                       |  6 +++---
 .github/workflows/Publish-Package.yml          | 18 +++++++++---------
 .github/workflows/Update-Poetry-Lock.yml       |  4 ++--
 5 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/.github/workflows/Comment-on-PR.yml b/.github/workflows/Comment-on-PR.yml
index 72f4ccb9..d651da54 100644
--- a/.github/workflows/Comment-on-PR.yml
+++ b/.github/workflows/Comment-on-PR.yml
@@ -12,10 +12,10 @@ jobs:
     name: PR comment
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
 
       - name: Comment on PR
-        uses: thollander/actions-comment-pull-request@v1
+        uses: thollander/actions-comment-pull-request@8a3fad13c20088e9eb0805666b9fe49509d2fec8 # v1.6.0
         with:
           message: |
             Thank you for contributing! :wave:
diff --git a/.github/workflows/Notify-Convention-Change.yml b/.github/workflows/Notify-Convention-Change.yml
index 41ed1e29..0b840814 100644
--- a/.github/workflows/Notify-Convention-Change.yml
+++ b/.github/workflows/Notify-Convention-Change.yml
@@ -22,7 +22,7 @@ jobs:
     steps:
       - uses: actions/checkout@main
       - name: Comment on PR
-        uses: thollander/actions-comment-pull-request@v1
+        uses: thollander/actions-comment-pull-request@8a3fad13c20088e9eb0805666b9fe49509d2fec8 # v1.6.0
         with:
           message: |
             Thank you for contributing! :wave:
diff --git a/.github/workflows/PR.yml b/.github/workflows/PR.yml
index 5c04cdca..1d796b14 100644
--- a/.github/workflows/PR.yml
+++ b/.github/workflows/PR.yml
@@ -22,7 +22,7 @@ jobs:
         python-version: [3.9, 3.14] # oldest supported and latest tested
     steps:
       - name: Check out repo
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
       - uses: ni/python-actions/setup-python@9768589f3e50672173dad75a6fc181e4a85d33fa # v0.7.0
         with:
           python-version: ${{ matrix.python-version }}
@@ -37,7 +37,7 @@ jobs:
         python-version: [3.9, '3.10', 3.11, 3.12, 3.13, 3.14, 3.14t]
     steps:
       - name: Check out repo
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
       - name: Set up Python
         id: setup-python
         uses: ni/python-actions/setup-python@9768589f3e50672173dad75a6fc181e4a85d33fa # v0.7.0
@@ -46,7 +46,7 @@ jobs:
       - name: Set up Poetry
         uses: ni/python-actions/setup-poetry@9768589f3e50672173dad75a6fc181e4a85d33fa # v0.7.0
       - name: Cache virtualenv
-        uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4.2.4
+        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
         with:
           path: .venv
           key: nps-${{ runner.os }}-py${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('poetry.lock') }}
diff --git a/.github/workflows/Publish-Package.yml b/.github/workflows/Publish-Package.yml
index 0e9e68fc..f0dcfc60 100644
--- a/.github/workflows/Publish-Package.yml
+++ b/.github/workflows/Publish-Package.yml
@@ -40,17 +40,17 @@ jobs:
     needs: [check_package]
     steps:
       - name: Check out repo
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
       - name: Set up Python
-        uses: ni/python-actions/setup-python@5286c12d65d90b2ea738bd57d452dc4366497581 # v0.4.1
+        uses: ni/python-actions/setup-python@9768589f3e50672173dad75a6fc181e4a85d33fa # v0.7.0
       - name: Set up Poetry
-        uses: ni/python-actions/setup-poetry@5286c12d65d90b2ea738bd57d452dc4366497581 # v0.4.1
+        uses: ni/python-actions/setup-poetry@9768589f3e50672173dad75a6fc181e4a85d33fa # v0.7.0
       # If the version is 0.1.0-alpha.0, this will set the version to 0.1.0
       - name: Promote package version to release
         run: poetry version patch
       - name: Check project version
         if: github.event_name == 'release'
-        uses: ni/python-actions/check-project-version@5286c12d65d90b2ea738bd57d452dc4366497581 # v0.4.1
+        uses: ni/python-actions/check-project-version@9768589f3e50672173dad75a6fc181e4a85d33fa # v0.7.0
       - name: Build distribution packages
         run: poetry build
       - name: Upload build artifacts
@@ -77,7 +77,7 @@ jobs:
         path: dist/
     - run: ls -lR
     - name: Upload to ${{ env.environment }}
-      uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # v1.12.4
+      uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0
       with:
         repository-url: ${{ fromJson(env.environment-info)[env.environment].upload-url }} 
   update_version:
@@ -89,16 +89,16 @@ jobs:
       pull-requests: write
     steps:
       - name: Check out repo
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
       - name: Set up Python
-        uses: ni/python-actions/setup-python@5286c12d65d90b2ea738bd57d452dc4366497581 # v0.4.1
+        uses: ni/python-actions/setup-python@9768589f3e50672173dad75a6fc181e4a85d33fa # v0.7.0
       - name: Set up Poetry
-        uses: ni/python-actions/setup-poetry@5286c12d65d90b2ea738bd57d452dc4366497581 # v0.4.1
+        uses: ni/python-actions/setup-poetry@9768589f3e50672173dad75a6fc181e4a85d33fa # v0.7.0
       # If the version is 0.1.0-alpha.0, this will set the version to 0.1.0
       - name: Promote package version to release
         run: poetry version patch
       - name: Update project version
-        uses: ni/python-actions/update-project-version@5286c12d65d90b2ea738bd57d452dc4366497581 # v0.4.1
+        uses: ni/python-actions/update-project-version@9768589f3e50672173dad75a6fc181e4a85d33fa # v0.7.0
         with:
           # The default GITHUB_TOKEN cannot trigger PR workflows.
           token: ${{ secrets.ADMIN_PAT }}
diff --git a/.github/workflows/Update-Poetry-Lock.yml b/.github/workflows/Update-Poetry-Lock.yml
index edcd4a4f..47edf7ae 100644
--- a/.github/workflows/Update-Poetry-Lock.yml
+++ b/.github/workflows/Update-Poetry-Lock.yml
@@ -21,7 +21,7 @@ jobs:
     runs-on: ubuntu-latest
     needs: org-check
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0
         with:
           ref: main # This is the branch the PR is to be created from
           persist-credentials: true # make the token that is used the GITHUB_TOKEN, instead of your personal token
@@ -33,7 +33,7 @@ jobs:
           echo "branch_name=automated-updates/update-poetry-lock" >> $GITHUB_OUTPUT
       - name: Create branch
         run: git checkout -b ${{ steps.vars.outputs.branch_name }}
-      - uses: actions/setup-python@v2
+      - uses: actions/setup-python@e9aba2c848f5ebd159c070c61ea2c4e2b122355e # v2.3.4
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - uses: Gr1N/setup-poetry@v8