From 9b4cf594ef6884e8a70e4004e3f665049d442eef Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Dec 2024 11:18:17 -0800 Subject: [PATCH] Bump github/codeql-action from 3.27.6 to 3.27.9 (#569) --- .github/dependabot.yml | 2 +- .github/workflows/codeql.yml | 4 ++-- .github/workflows/msvc.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index ca79ca5b..3a626c3a 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -3,4 +3,4 @@ updates: - package-ecosystem: github-actions directory: / schedule: - interval: weekly + interval: monthly diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 400337e4..2764287b 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -47,7 +47,7 @@ jobs: - uses: ilammy/msvc-dev-cmd@0b201ec74fa43914dc39ae48a89fd1d8cb592756 # v1.13.0 - name: Initialize CodeQL - uses: github/codeql-action/init@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6 + uses: github/codeql-action/init@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9 with: languages: c-cpp build-mode: manual @@ -61,6 +61,6 @@ jobs: run: cmake --build out\build\x64-Debug - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6 + uses: github/codeql-action/analyze@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9 with: category: "/language:c-cpp" diff --git a/.github/workflows/msvc.yml b/.github/workflows/msvc.yml index 8ee4e575..6186a84f 100644 --- a/.github/workflows/msvc.yml +++ b/.github/workflows/msvc.yml @@ -71,6 +71,6 @@ jobs: # Upload SARIF file to GitHub Code Scanning Alerts - name: Upload SARIF to GitHub - uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6 + uses: github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9 with: sarif_file: ${{ steps.run-analysis.outputs.sarif }}