chore(deps): update github-actions (#404)

.github/workflows/build.yml

@@ -39,7 +39,7 @@ jobs:
             return await script({ core })
 
       - name: Load image metadata
-        uses: docker/metadata-action@c1e51972afc2121e065aed6d45c65596fe445f3f # v5.8.0
+        uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0
         id: metadata
         with:
           images: |
@@ -147,14 +147,14 @@ jobs:
           ref: ${{ github.head_ref }}
 
       - name: Setup NodeJS
-        uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
+        uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
         with:
           cache: npm
           cache-dependency-path: docs/src/package-lock.json
           node-version: lts/*
 
       - name: Generate authentication token with GitHub App to trigger Actions
-        uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4
+        uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
         id: app-token
         with:
           app-id: ${{ secrets.VERIFIED_COMMIT_ID }}

.github/workflows/changelog.yml

@@ -45,7 +45,7 @@ jobs:
           git-cliff -v --tag ${{ env.FLUTTER_VERSION }} --github-repo ${{ github.repository }} --output changelog.md
       
       - name: Generate authentication token with GitHub App to trigger Actions
-        uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4
+        uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
         id: app-token
         with:
           app-id: ${{ secrets.VERIFIED_COMMIT_ID }}

.github/workflows/ci.yml

@@ -48,7 +48,7 @@ jobs:
             return await script({ core })
 
       - name: Load image metadata
-        uses: docker/metadata-action@c1e51972afc2121e065aed6d45c65596fe445f3f # v5.8.0
+        uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0
         id: metadata
         with:
           images: |

.github/workflows/release.yml

@@ -37,7 +37,7 @@ jobs:
             return await script({ core })
 
       - name: Load image metadata
-        uses: docker/metadata-action@c1e51972afc2121e065aed6d45c65596fe445f3f # v5.8.0
+        uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0
         id: metadata
         with:
           images: |
@@ -147,7 +147,7 @@ jobs:
           sarif-file: sarif.json
 
       - name: Upload the results to GitHub's code scanning dashboard
-        uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
+        uses: github/codeql-action/upload-sarif@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
         with:
           sarif_file: sarif.json
 
@@ -160,7 +160,7 @@ jobs:
         uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
 
       - name: Generate authentication token with GitHub App to trigger Actions
-        uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4
+        uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
         id: app-token
         with:
           app-id: ${{ secrets.VERIFIED_COMMIT_ID }}

.github/workflows/scorecard.yml

@@ -70,6 +70,6 @@ jobs:
       # Upload the results to GitHub's code scanning dashboard (optional).
       # Commenting out will disable upload of results to your repo's Code Scanning dashboard
       - name: Upload to code-scanning
-        uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
+        uses: github/codeql-action/upload-sarif@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
         with:
           sarif_file: results.sarif

.github/workflows/tag.yml

@@ -17,7 +17,7 @@ jobs:
         uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
 
       - name: Generate authentication token with GitHub App to trigger Actions
-        uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4
+        uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
         id: app-token
         with:
           app-id: ${{ secrets.VERIFIED_COMMIT_ID }}

.github/workflows/update_version.yml

@@ -213,7 +213,7 @@ jobs:
           path: test
 
       - name: Setup NodeJS
-        uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
+        uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
         with:
           cache: npm
           cache-dependency-path: docs/src/package-lock.json
@@ -241,7 +241,7 @@ jobs:
           echo "COMMIT_MESSAGE=chore(release): upgrade flutter to ${{ env.FLUTTER_VERSION }}" >> $GITHUB_ENV
 
       - name: Generate authentication token with GitHub App to trigger Actions
-        uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4
+        uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
         id: app-token
         with:
           app-id: ${{ secrets.VERIFIED_COMMIT_ID }}
@@ -251,7 +251,7 @@ jobs:
 
       # TODO: Generate changelog for the new flutter version, that will be the new tag
       - name: Create pull request if there are changes
-        uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
+        uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7.0.11
         with:
           commit-message: ${{ env.COMMIT_MESSAGE }}
           branch: update-flutter-dependencies/${{ env.FLUTTER_VERSION }}