⬆ Bump CodSpeedHQ/action in the github-actions group

Bumps the github-actions group with 1 update: [CodSpeedHQ/action](https://github.com/codspeedhq/action).


Updates `CodSpeedHQ/action` from 4.17.0 to 4.17.5
- [Release notes](https://github.com/codspeedhq/action/releases)
- [Changelog](https://github.com/CodSpeedHQ/action/blob/main/CHANGELOG.md)
- [Commits](9d332c4d90...c145068895)

---
updated-dependencies:
- dependency-name: CodSpeedHQ/action
  dependency-version: 4.17.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/workflows/test.yml

@@ -194,7 +194,7 @@ jobs:
       - name: Install Dependencies
         run: uv sync --no-dev --group tests --extra all
       - name: CodSpeed benchmarks
-        uses: CodSpeedHQ/action@9d332c4d90b43981c3e55ae8e38e68709996240f # v4.17.0
+        uses: CodSpeedHQ/action@c145068895e045cc725ee76fcd2307624b65c3af # v4.17.5
         with:
           mode: simulation
           run: uv run --no-sync pytest tests/benchmarks --codspeed

.github/workflows/zizmor.yml

@@ -4,6 +4,7 @@ on:
   push:
     branches:
       - main
+  pull_request:
   workflow_dispatch:
 
 permissions: {}

docs/en/docs/release-notes.md

@@ -9,6 +9,7 @@ hide:
 
 ### Internal
 
+* 🔒️ Update zizmor workflow security checks. PR [#15820](https://github.com/fastapi/fastapi/pull/15820) by [@tiangolo](https://github.com/tiangolo).
 * ⬆ Bump pydantic-settings from 2.14.1 to 2.14.2. PR [#15799](https://github.com/fastapi/fastapi/pull/15799) by [@dependabot[bot]](https://github.com/apps/dependabot).
 
 ## 0.138.0 (2026-06-20)