ICU-23054 Bump the github-actions group with 3 updates
See #3706
diff --git a/.github/workflows/brs-commit-checker.yml b/.github/workflows/brs-commit-checker.yml
index 90eee8c..111712e 100644
--- a/.github/workflows/brs-commit-checker.yml
+++ b/.github/workflows/brs-commit-checker.yml
@@ -36,7 +36,7 @@
run: |
git fetch origin
- name: Setup Python
- uses: actions/setup-python@v5
+ uses: actions/setup-python@v6
with:
python-version: '3.12.8'
cache: 'pipenv'
diff --git a/.github/workflows/cifuzz.yml b/.github/workflows/cifuzz.yml
index 0f4e40f..53faf99 100644
--- a/.github/workflows/cifuzz.yml
+++ b/.github/workflows/cifuzz.yml
@@ -55,7 +55,7 @@
path: ./out/artifacts
- name: Upload Sarif
if: always() && steps.build.outcome == 'success'
- uses: github/codeql-action/upload-sarif@v3.30.0
+ uses: github/codeql-action/upload-sarif@v3.30.5
with:
# Path to SARIF file relative to the root of the repository
sarif_file: cifuzz-sarif/results.sarif
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 305d838..c927efe 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -34,7 +34,7 @@
persist-credentials: false
- name: "Run analysis"
- uses: ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde # v2.4.2
+ uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3
with:
results_file: results.sarif
results_format: sarif
@@ -59,6 +59,6 @@
# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
- uses: github/codeql-action/upload-sarif@1fd8a71a1271a5ad7639a423fdd9485e1be64031 # v2.25.15
+ uses: github/codeql-action/upload-sarif@80cb6b56b93de3e779c7d476d9100d06fb87c877 # v2.25.15
with:
sarif_file: results.sarif
