chore(deps): update ivuorinen/actions action (v2026.01.21 → v2026.02.03)

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

.github/workflows/codeql.yml

@@ -1,13 +1,14 @@
 ---
 # yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
 name: "CodeQL"
+
 on:
   push:
     branches: ["main"]
   pull_request:
     branches: ["main"]
   schedule:
-    - cron: "30 1 * * 0"
+    - cron: "30 1 * * 0" # Run at 1:30 AM UTC every Sunday
   merge_group:
 
 permissions:
@@ -20,12 +21,26 @@ jobs:
     runs-on: ubuntu-latest
     permissions:
       security-events: write
+
     strategy:
       fail-fast: false
       matrix:
-        language: ["actions"]
+        language: ['actions'] # Add languages used in your actions
+
     steps:
-      - name: CodeQL Analysis
-        uses: ivuorinen/actions/codeql-analysis@main
+      - name: Checkout repository
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@6bc82e05fd0ea64601dd4b465378bbcf57de0314 # v4.32.1
         with:
-          language: ${{ matrix.language }}
+          languages: ${{ matrix.language }}
+          queries: security-and-quality
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@6bc82e05fd0ea64601dd4b465378bbcf57de0314 # v4.32.1
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@6bc82e05fd0ea64601dd4b465378bbcf57de0314 # v4.32.1
+        with:
+          category: "/language:${{matrix.language}}"

.github/workflows/pr-lint.yml

@@ -36,7 +36,7 @@ jobs:
 
       - name: Run PR Lint
         # https://github.com/ivuorinen/actions
-        uses: ivuorinen/actions/pr-lint@dc85cef1c285edd3d2edcb4a7c82bdd08ccc7c56 # v2026.03.20
+        uses: ivuorinen/actions/pr-lint@f371da218e9152e7d29ee39358454e41010c36dc # v2026.02.03
         with:
           username: 'github-actions'
           email: 'github-actions@github.com'

.github/workflows/stale.yml

@@ -23,4 +23,4 @@ jobs:
       issues: write
       pull-requests: write
     steps:
-      - uses: ivuorinen/actions/stale@dc85cef1c285edd3d2edcb4a7c82bdd08ccc7c56 # v2026.03.20
+      - uses: ivuorinen/actions/stale@f371da218e9152e7d29ee39358454e41010c36dc # v2026.02.03

.github/workflows/sync-labels.yml

@@ -38,4 +38,4 @@ jobs:
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
       - name: ⤵️ Sync Latest Labels Definitions
-        uses: ivuorinen/actions/sync-labels@dc85cef1c285edd3d2edcb4a7c82bdd08ccc7c56 # v2026.03.20
+        uses: ivuorinen/actions/sync-labels@f371da218e9152e7d29ee39358454e41010c36dc # v2026.02.03

.pre-commit-config.yaml

@@ -29,20 +29,20 @@ repos:
         args: ["--baseline", ".secrets.baseline"]
 
   - repo: https://github.com/gitleaks/gitleaks
-    rev: v8.30.1
+    rev: v8.30.0
     hooks:
       - id: gitleaks
 
   # Markdown linting
   - repo: https://github.com/igorshubovych/markdownlint-cli
-    rev: v0.48.0
+    rev: v0.47.0
     hooks:
       - id: markdownlint
         args: [-c, .markdownlint.json, --fix]
 
   # EditorConfig linting
   - repo: https://github.com/editorconfig-checker/editorconfig-checker.python
-    rev: 3.6.1
+    rev: 3.6.0
     hooks:
       - id: editorconfig-checker
         alias: ec
@@ -69,14 +69,14 @@ repos:
 
   # GitHub Actions linting
   - repo: https://github.com/rhysd/actionlint
-    rev: v1.7.11
+    rev: v1.7.10
     hooks:
       - id: actionlint
         args: ["-shellcheck="]
 
   # Security scanning
   - repo: https://github.com/bridgecrewio/checkov.git
-    rev: '3.2.510'
+    rev: '3.2.500'
     hooks:
       - id: checkov
         args: