Update dependencies, Github achtions and dependabot strategy

.github/dependabot.yml

@@ -2,10 +2,18 @@ version: 2
 updates:
   - package-ecosystem: github-actions
     directory: /
+    rebase-strategy: "disabled"
     schedule:
       interval: weekly
+      day: "saturday"
+      timezone: "Europe/Berlin"
+      time: "03:00"
 
   - package-ecosystem: npm
     directory: /
+    rebase-strategy: "disabled"
     schedule:
       interval: weekly
+      day: "saturday"
+      timezone: "Europe/Berlin"
+      time: "03:00"

.github/workflows/build.yml

@@ -15,28 +15,28 @@ jobs:
   build: # make sure build/ci work properly
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v3
+      - uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2  # v4.2.2
+      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020  # v4.4.0
         with:
-          node-version: '20'
+          node-version: 22.15.1
           cache: 'npm'
       - run: npm ci
       - run: |
           npm run build
   clean-run: # make sure the action works on a clean machine without building
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2  # v4.2.2
       - uses: ./
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
   lint:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v3
+      - uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2  # v4.2.2
+      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020  # v4.4.0
         with:
-          node-version: '20'
+          node-version: 22.15.1
           cache: 'npm'
       - run: npm ci
       - name: Lint

.github/workflows/check-dist.yml

@@ -20,11 +20,11 @@ jobs:
   check-dist:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
-      - name: Set Node.js 20.x
-        uses: actions/setup-node@v3
+      - uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2  # v4.2.2
+      - name: Set Node.js 22.15.1
+        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020  # v4.4.0
         with:
-          node-version: 20.x
+          node-version: 22.15.1
       - name: Install dependencies
         run: npm ci
       - name: Rebuild the dist/ directory
@@ -40,7 +40,7 @@ jobs:
           fi
         id: diff
       # If index.js was different than expected, upload the expected version as an artifact
-      - uses: actions/upload-artifact@v4
+      - uses: actions/upload-artifact@6027e3dd177782cd8ab9af838c04fd81a07f1d47  # v4.6.2
         if: ${{ failure() && steps.diff.conclusion == 'failure' }}
         with:
           name: dist

.github/workflows/codeql.yml

@@ -38,11 +38,11 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2  # v4.2.2
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
+      uses: github/codeql-action/init@396fd27c308b7ab96df64e7e4cb9a7c6e22f4ebc  # v3.28.18
       with:
         languages: ${{ matrix.language }}
         config-file: ./.github/codeql/codeql-config.yml
@@ -57,7 +57,7 @@ jobs:
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v3
+      uses: github/codeql-action/autobuild@396fd27c308b7ab96df64e7e4cb9a7c6e22f4ebc  # v3.28.18
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -70,4 +70,4 @@ jobs:
     #   ./location_of_script_within_repo/buildscript.sh
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+      uses: github/codeql-action/analyze@396fd27c308b7ab96df64e7e4cb9a7c6e22f4ebc  # v3.28.18

.github/workflows/rebuild-dist.yml

@@ -13,14 +13,14 @@ jobs:
         reaction: '+1'
       env:
           GITHUB_TOKEN: ${{ secrets.PAT }}
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2  # v4.2.2
       if: steps.check.outputs.triggered == 'true'
       with:
         token: ${{ secrets.PAT }}
     - name: Use Node.js
-      uses: actions/setup-node@v3
+      uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020  # v4.4.0
       with:
-        node-version: '20'
+        node-version: 22.15.1
         cache: 'npm'
     - run: npm ci
     - run: npm run all
@@ -34,7 +34,7 @@ jobs:
         fi
 
     - name: Commit and Push
-      uses: stefanzweifel/git-auto-commit-action@v5
+      uses: stefanzweifel/git-auto-commit-action@ae114628ea78fd141aa4fa7730f70c984b29c391  # v 5.2.0
       if: ${{ env.changes_exist == 'true' }}
       with:
         commit_message: ':package: (core): update build files'

.github/workflows/test.yml

@@ -10,21 +10,21 @@ jobs:
   unit-tests:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v3
+      - uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2  # v4.2.2
+      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020  # v4.4.0
         with:
-          node-version: '20'
+          node-version: v22.15.1
           cache: 'npm'
       - run: npm ci
       - run: |
           npm test
   test-if-closed-pr-is-found:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v3
+      - uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2  # v4.2.2
+      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020  # v4.4.0
         with:
-          node-version: '20'
+          node-version: 22.15.1
           cache: 'npm'
       - run: npm ci
       - name: Build Action
@@ -44,10 +44,10 @@ jobs:
   test-if-closed-pr-is-not-found-when-filtering-closed-prs:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v3
+      - uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2  # v4.2.2
+      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020  # v4.4.0
         with:
-          node-version: '20'
+          node-version: v22.15.1
           cache: 'npm'
       - run: npm ci
       - name: Build Action

.nvmrc

@@ -1 +1 @@
-v20
+v22.15.1