As part of keeping your workflows up-to-date, we recommend that you change your workflow slugs to pypa/gh-action-pip-audit. Once you do that, Dependabot (or whatever other tooling you use) should track updates to the action correctly.
P.S.: I'm filing these issues instead of making PRs, so that you (as maintainers) can confirm the trustworthiness of the change. If you'd prefer me to make a PR instead, give me a ping and I'll do so.
Thanks for using gh-action-pip-audit in your CI!
I'm filing this issue (as an actual human being) to let you know that we recently became a PyPA member project, and correspondingly changed our repo from trailofbits/gh-action-pip-audit to pypa/gh-action-pip-audit.
As part of keeping your workflows up-to-date, we recommend that you change your workflow slugs to pypa/gh-action-pip-audit. Once you do that, Dependabot (or whatever other tooling you use) should track updates to the action correctly.
P.S.: I'm filing these issues instead of making PRs, so that you (as maintainers) can confirm the trustworthiness of the change. If you'd prefer me to make a PR instead, give me a ping and I'll do so.