From 4232c0a8eef45c0b2496e7a8c8678f2d8f07badb Mon Sep 17 00:00:00 2001
From: GitHub Actions <actions@github.com>
Date: Thu, 16 Apr 2026 13:31:37 +0000
Subject: [PATCH] fix: update benchmark-action/github-action-benchmark to
 v1.22.0 and mlugg/setup-zig to v2.2.1 for improved security and functionality

---
 .github/workflows/benchmark.yml          | 2 +-
 .github/workflows/release-goreleaser.yml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml
index aaa131c0..aca4b0ca 100644
--- a/.github/workflows/benchmark.yml
+++ b/.github/workflows/benchmark.yml
@@ -52,7 +52,7 @@ jobs:
         # This avoids gh-pages branch errors and permission issues on fork PRs
         if: github.event.workflow_run.event == 'push' && github.event.workflow_run.head_branch == 'main'
         # Security: Pinned to full SHA for supply chain security
-        uses: benchmark-action/github-action-benchmark@4e0b38bc48375986542b13c0d8976b7b80c60c00 # v1
+        uses: benchmark-action/github-action-benchmark@a60cea5bc7b49e15c1f58f411161f99e0df48372 # v1.22.0
         with:
           name: Go Benchmark
           tool: 'go'
diff --git a/.github/workflows/release-goreleaser.yml b/.github/workflows/release-goreleaser.yml
index 0507698c..a9fa9e16 100644
--- a/.github/workflows/release-goreleaser.yml
+++ b/.github/workflows/release-goreleaser.yml
@@ -67,7 +67,7 @@ jobs:
 
       - name: Install Cross-Compilation Tools (Zig)
         # Security: Pinned to full SHA for supply chain security
-        uses: goto-bus-stop/setup-zig@abea47f85e598557f500fa1fd2ab7464fcb39406 # v2
+        uses: mlugg/setup-zig@d1434d08867e3ee9daa34448df10607b98908d29 # v2.2.1
         with:
           version: 0.13.0