From b7b579ed33c33c6e7a37b72bd62d7a9e0dfa37ad Mon Sep 17 00:00:00 2001
From: skjnldsv <skjnldsv@protonmail.com>
Date: Sat, 13 Jul 2024 10:19:45 +0200
Subject: [PATCH] chore: update workflows from templates

Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
---
 .github/workflows/dependabot-approve-merge.yml |  2 +-
 .github/workflows/fixup.yml                    |  3 +++
 .github/workflows/npm-audit-fix.yml            | 10 +++++-----
 3 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/dependabot-approve-merge.yml b/.github/workflows/dependabot-approve-merge.yml
index b5a8f0b8..0d6b2c26 100644
--- a/.github/workflows/dependabot-approve-merge.yml
+++ b/.github/workflows/dependabot-approve-merge.yml
@@ -31,7 +31,7 @@ jobs:
       pull-requests: write
 
     steps:
-      # Github actions bot approve
+      # GitHub actions bot approve
       - uses: hmarr/auto-approve-action@b40d6c9ed2fa10c9a2749eca7eb004418a705501 # v2
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/fixup.yml b/.github/workflows/fixup.yml
index c01a2f04..69da2bbb 100644
--- a/.github/workflows/fixup.yml
+++ b/.github/workflows/fixup.yml
@@ -2,6 +2,9 @@
 #
 # https://github.com/nextcloud/.github
 # https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
+#
+# SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
 
 name: Block fixup and squash commits
 
diff --git a/.github/workflows/npm-audit-fix.yml b/.github/workflows/npm-audit-fix.yml
index 881225d4..eb720496 100644
--- a/.github/workflows/npm-audit-fix.yml
+++ b/.github/workflows/npm-audit-fix.yml
@@ -27,7 +27,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
         with:
           ref: ${{ matrix.branches }}
 
@@ -44,7 +44,7 @@ jobs:
           node-version: ${{ steps.versions.outputs.nodeVersion }}
 
       - name: Set up npm ${{ steps.versions.outputs.npmVersion }}
-        run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}"
+        run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}'
 
       - name: Fix npm audit
         id: npm-audit
@@ -60,15 +60,15 @@ jobs:
 
       - name: Create Pull Request
         if: always()
-        uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e # v6.0.5
+        uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0
         with:
           token: ${{ secrets.COMMAND_BOT_PAT }}
-          commit-message: "fix(deps): fix npm audit"
+          commit-message: 'fix(deps): Fix npm audit'
           committer: GitHub <noreply@github.com>
           author: nextcloud-command <nextcloud-command@users.noreply.github.com>
           signoff: true
           branch: automated/noid/${{ matrix.branches }}-fix-npm-audit
-          title: "[${{ matrix.branches }}] Fix npm audit"
+          title: '[${{ matrix.branches }}] Fix npm audit'
           body: ${{ steps.npm-audit.outputs.markdown }}
           labels: |
             dependencies