Bump the actions group with 4 updates (#362)

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.github/workflows/codeql.yml

@@ -55,7 +55,7 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4
+      uses: github/codeql-action/init@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4
       with:
         languages: ${{ matrix.language }}
         build-mode: none
@@ -71,6 +71,6 @@ jobs:
         pip install -e .
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4
+      uses: github/codeql-action/analyze@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4
       with:
         category: "/language:${{matrix.language}}"

.github/workflows/dist.yml

@@ -37,7 +37,7 @@ jobs:
     - name: Create packages
       run: python -m build .
     - name: Store package artifacts
-      uses: actions/upload-artifact@v5
+      uses: actions/upload-artifact@v6
       with:
         name: all-dist-${{ github.run_id }}
         path: "dist/*"

.github/workflows/release.yml

@@ -73,7 +73,7 @@ jobs:
       id-token: write
     steps:
       - name: Download all the dists
-        uses: actions/download-artifact@v6
+        uses: actions/download-artifact@v7
         with:
           name: all-dist-${{ github.run_id }}
           path: dist/

.github/workflows/zizmor.yml

@@ -18,4 +18,4 @@ jobs:
         with:
           persist-credentials: false
       - name: Run zizmor 🌈
-        uses: zizmorcore/zizmor-action@c0e2b1c877e25a91d1d747c438d49199cad29698
+        uses: zizmorcore/zizmor-action@cb3d8e846e148d1111d90b03375b9c03deceda37