From fec7d990daed985fc1bdb11ad46d2c9e7fd1bb6c Mon Sep 17 00:00:00 2001
From: Kuesung Park <gueit214@gachon.ac.kr>
Date: Thu, 2 Apr 2026 14:25:44 +0900
Subject: [PATCH 1/2] fix: use main branch for changesets/bot action

---
 .github/workflows/changeset-bot.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/changeset-bot.yml b/.github/workflows/changeset-bot.yml
index 9c837c02..d5c99483 100644
--- a/.github/workflows/changeset-bot.yml
+++ b/.github/workflows/changeset-bot.yml
@@ -11,4 +11,4 @@ jobs:
   bot:
     runs-on: ubuntu-latest
     steps:
-      - uses: changesets/bot@v1
+      - uses: changesets/bot@main

From bcf5104ca3d078a5876ed4bf0ccb3eba00b7348e Mon Sep 17 00:00:00 2001
From: guesung <gueit214@naver.com>
Date: Sat, 11 Apr 2026 03:02:40 +0900
Subject: [PATCH 2/2] ci: pin changesets/bot action to commit SHA for
 supply-chain security

Pin to master HEAD SHA as changesets/bot has no release tags.
Aligns with the repo's SHA-pinning policy (#325).
---
 .github/workflows/changeset-bot.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/changeset-bot.yml b/.github/workflows/changeset-bot.yml
index d5c99483..7d16c617 100644
--- a/.github/workflows/changeset-bot.yml
+++ b/.github/workflows/changeset-bot.yml
@@ -11,4 +11,4 @@ jobs:
   bot:
     runs-on: ubuntu-latest
     steps:
-      - uses: changesets/bot@main
+      - uses: changesets/bot@e755cedfffdc49f54ce5daa69d960a143941b787 # master