From beb4d1fb17aeb4f1db130f170c4af4e6a00ccebd Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 10 Feb 2025 14:22:12 +0200
Subject: [PATCH] =?UTF-8?q?fix(github-action):=20update=20github/codeql-ac?=
 =?UTF-8?q?tion=20(v3.28.8=20=E2=86=92=20v3.28.9)=20(#35)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .github/workflows/action-security.yml | 4 ++--
 .github/workflows/codeql.yml          | 6 +++---
 .github/workflows/pr-lint.yml         | 2 +-
 .github/workflows/scorecard.yml       | 2 +-
 .github/workflows/security.yml        | 4 ++--
 5 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/action-security.yml b/.github/workflows/action-security.yml
index 26d8fb5..88d476e 100644
--- a/.github/workflows/action-security.yml
+++ b/.github/workflows/action-security.yml
@@ -117,14 +117,14 @@ jobs:
 
       - name: Upload Trivy results
         if: steps.verify-sarif.outputs.has_trivy == 'true'
-        uses: github/codeql-action/upload-sarif@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8
+        uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9
         with:
           sarif_file: 'trivy-results.sarif'
           category: 'trivy'
 
       - name: Upload Gitleaks results
         if: steps.verify-sarif.outputs.has_gitleaks == 'true'
-        uses: github/codeql-action/upload-sarif@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8
+        uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9
         with:
           sarif_file: 'gitleaks-report.sarif'
           category: 'gitleaks'
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 87bd792..ffef7e9 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -32,15 +32,15 @@ jobs:
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8
+        uses: github/codeql-action/init@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9
         with:
           languages: ${{ matrix.language }}
           queries: security-and-quality
 
       - name: Autobuild
-        uses: github/codeql-action/autobuild@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8
+        uses: github/codeql-action/autobuild@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8
+        uses: github/codeql-action/analyze@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9
         with:
           category: '/language:${{matrix.language}}'
diff --git a/.github/workflows/pr-lint.yml b/.github/workflows/pr-lint.yml
index f15f172..f344299 100644
--- a/.github/workflows/pr-lint.yml
+++ b/.github/workflows/pr-lint.yml
@@ -113,7 +113,7 @@ jobs:
 
       - name: Upload SARIF Report
         if: always() && hashFiles('megalinter-reports/sarif/*.sarif')
-        uses: github/codeql-action/upload-sarif@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8
+        uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9
         with:
           sarif_file: megalinter-reports/sarif
           category: megalinter
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 3bd8975..b868bd3 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -38,6 +38,6 @@ jobs:
           retention-days: 5
 
       - name: Upload to code-scanning
-        uses: github/codeql-action/upload-sarif@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8
+        uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
index b3f3dce..4d6ce83 100644
--- a/.github/workflows/security.yml
+++ b/.github/workflows/security.yml
@@ -93,7 +93,7 @@ jobs:
             --failOnCVSS 7
 
       - name: Upload OWASP Results
-        uses: github/codeql-action/upload-sarif@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8
+        uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9
         with:
           sarif_file: reports/dependency-check-report.sarif
           category: owasp-dependency-check
@@ -117,7 +117,7 @@ jobs:
 
       - name: Upload Snyk Results
         if: steps.check-secrets.outputs.run_snyk == 'true'
-        uses: github/codeql-action/upload-sarif@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8
+        uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9
         with:
           sarif_file: snyk-results.sarif
           category: snyk