chore: Bump github/codeql-action from 3.28.4 to 3.28.5 (#2077)

Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
ratify-project · Jan 27, 2025 · 69e3961 · 69e3961
1 parent 2e8e488
commit 69e3961
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -37,12 +37,12 @@ jobs:
         with:
           go-version: "1.22"
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@ee117c905ab18f32fa0f66c2fe40ecc8013f3e04 # tag=v3.28.4
+        uses: github/codeql-action/init@f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4 # tag=v3.28.5
         with:
           languages: go
       - name: Run tidy
         run: go mod tidy
       - name: Build CLI
         run: make build
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@ee117c905ab18f32fa0f66c2fe40ecc8013f3e04 # tag=v3.28.4
+        uses: github/codeql-action/analyze@f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4 # tag=v3.28.5
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -55,6 +55,6 @@ jobs:
           retention-days: 5
 
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@ee117c905ab18f32fa0f66c2fe40ecc8013f3e04 # tag=v3.28.4
+        uses: github/codeql-action/upload-sarif@f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4 # tag=v3.28.5
         with:
           sarif_file: results.sarif