Google Git
Sign in
skia / external / github.com / unicode-org / icu / refs/heads/dependabot/github_actions/github-actions-0b8b99b4ad^! / .
commita1cb3bdca12db9c2a73f6bd5df3804a5fb8f3fa3[log] [tgz]
authordependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Sun Jun 01 13:22:23 2025 +0000
committerSquash Bot <noreply@unicode.org>Thu Jun 05 16:18:15 2025 +0000
treef5e708477d4d75e0ef17dc821df0066e19f5d1f8
parenta146a0fd4bb41d60a57a308b0ccf88da494c79c1 [diff]
ICU-23054 Bump the github-actions group with 3 updates

See #3511
diff --git a/.github/workflows/cifuzz.yml b/.github/workflows/cifuzz.yml
index 91ba669..69c7aee 100644
--- a/.github/workflows/cifuzz.yml
+++ b/.github/workflows/cifuzz.yml

@@ -55,7 +55,7 @@
         path: ./out/artifacts   
     - name: Upload Sarif
       if: always() && steps.build.outcome == 'success'
-      uses: github/codeql-action/upload-sarif@v3.28.16
+      uses: github/codeql-action/upload-sarif@v3.28.18
       with:
         # Path to SARIF file relative to the root of the repository
         sarif_file: cifuzz-sarif/results.sarif

diff --git a/.github/workflows/icu4c.yml b/.github/workflows/icu4c.yml
index 4fe8f38..c542333 100644
--- a/.github/workflows/icu4c.yml
+++ b/.github/workflows/icu4c.yml

@@ -743,7 +743,7 @@
     runs-on: ubuntu-22.04  # Updated in BRS
     steps:
     - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
-    - uses: bazel-contrib/setup-bazel@0.14.0
+    - uses: bazel-contrib/setup-bazel@0.15.0
     - name: Get CI Linux runner VM version
       id: linux-version
       run: |

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index fe280f5..7e3ef50 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml

@@ -34,7 +34,7 @@
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1
+        uses: ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde # v2.4.2
         with:
           results_file: results.sarif
           results_format: sarif
@@ -59,6 +59,6 @@
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@97a2bfd2a3d26d458da69e548f7f859d6fca634d # v2.25.15
+        uses: github/codeql-action/upload-sarif@7fd62151d9daff11d4b981415ffb365dcd93f75a # v2.25.15
         with:
           sarif_file: results.sarif