From f6184935aa64d36ff868abdebe867a939e929e89 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Sat, 12 Nov 2022 18:40:24 +0000
Subject: [PATCH] Update GitHub Actions

---
 .github/workflows/detect_version_bump.yml | 2 +-
 .github/workflows/python-publish.yml      | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/detect_version_bump.yml b/.github/workflows/detect_version_bump.yml
index 17b42c7..26c597b 100644
--- a/.github/workflows/detect_version_bump.yml
+++ b/.github/workflows/detect_version_bump.yml
@@ -28,7 +28,7 @@ jobs:
           echo "::set-output name=result::$IS_PRERELEASE"
       - name: Create Release
         # use hash for security since this has access to the access token
-        uses: ncipollo/release-action@4c75f0f2e4ae5f3c807cf0904605408e319dcaac # v1.8.6
+        uses: ncipollo/release-action@18eadf9c9b0f226f47f164f5373c6a44f0aae169 # v1.11.2
         with:
           token: ${{ secrets.ACCESS_TOKEN }}
           tag: v${{ steps.get-new-version.outputs.version }}
diff --git a/.github/workflows/python-publish.yml b/.github/workflows/python-publish.yml
index 756b805..9972a93 100644
--- a/.github/workflows/python-publish.yml
+++ b/.github/workflows/python-publish.yml
@@ -46,6 +46,6 @@ jobs:
         # v1.4.2 release. Using full SHA for security
         # https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#using-third-party-actions
       - name: Publish distribution 📦 to PyPI
-        uses: pypa/gh-action-pypi-publish@37f50c210e3d2f9450da2cd423303d6a14a6e29f
+        uses: pypa/gh-action-pypi-publish@5fb2f047e26679d7846a8370de1642ff160b9025
         with:
           password: ${{ secrets.PYPI_API_TOKEN }}