chore(deps): bump zgosalvez/github-actions-ensure-sha-pinned-actions from 5.0.3 to 5.0.4 (#5149)

dependabot[bot] · web-flow · commit 476fefb25ddc · 2026-03-30T23:28:22.000+08:00
Signed-off-by: dependabot[bot] &lt;support@github.com&gt;
Co-authored-by: dependabot[bot] &lt;49699333+dependabot[bot]@users.noreply.github.com&gt;
diff --git a/.github/workflows/secure-workflows.yml b/.github/workflows/secure-workflows.yml
@@ -32,6 +32,6 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd  # v6.0.2
       - name: Ensure 3rd party workflows have SHA pinned
-        uses: zgosalvez/github-actions-ensure-sha-pinned-actions@471d5ace1f08e3c4df1c4c2f7e6341aa75da434a # v5.0.3
+        uses: zgosalvez/github-actions-ensure-sha-pinned-actions@ca46236c6ce584ae24bc6283ba8dcf4b3ec8a066 # v5.0.4
         with:
           allowlist: slsa-framework/slsa-github-generator
