Bump github/codeql-action in the github-actions group
Bumps the github-actions group with 1 update: [github/codeql-action](https://github.com/github/codeql-action).
Updates `github/codeql-action` from 3.28.18 to 3.29.2
- [Release notes](https://github.com/github/codeql-action/releases)
- [Commits](https://github.com/github/codeql-action/compare/v3.28.18...v3.29.2)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 3.29.2
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: github-actions
...
Signed-off-by: dependabot[bot] <support@github.com>
diff --git a/.github/workflows/cifuzz.yml b/.github/workflows/cifuzz.yml
index 69c7aee..d42c957 100644
--- a/.github/workflows/cifuzz.yml
+++ b/.github/workflows/cifuzz.yml
@@ -55,7 +55,7 @@
path: ./out/artifacts
- name: Upload Sarif
if: always() && steps.build.outcome == 'success'
- uses: github/codeql-action/upload-sarif@v3.28.18
+ uses: github/codeql-action/upload-sarif@v3.29.5
with:
# Path to SARIF file relative to the root of the repository
sarif_file: cifuzz-sarif/results.sarif
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 7e3ef50..db54d72 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -59,6 +59,6 @@
# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
- uses: github/codeql-action/upload-sarif@7fd62151d9daff11d4b981415ffb365dcd93f75a # v2.25.15
+ uses: github/codeql-action/upload-sarif@b9b3b12fa29bb4f95fb2e36128124ff9364aaf0e # v2.25.15
with:
sarif_file: results.sarif
