chore(deps): update github/codeql-action action to v3.28.5 (#147)

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github/codeql-action](https://redirect.github.com/github/codeql-action) | action | patch | `v3.28.3` -> `v3.28.5` | --- ### Release Notes <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.28.5`](https://redirect.github.com/github/codeql-action/releases/tag/v3.28.5) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v3.28.4...v3.28.5) ### CodeQL Action Changelog See the [releases page](https://redirect.github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. #### 3.28.5 - 24 Jan 2025 - Update default CodeQL bundle version to 2.20.3. [#2717](https://redirect.github.com/github/codeql-action/pull/2717) See the full [CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.28.5/CHANGELOG.md) for more information. ### [`v3.28.4`](https://redirect.github.com/github/codeql-action/compare/v3.28.3...v3.28.4) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v3.28.3...v3.28.4) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/infonl/webdav-servlet).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: infonl-marcel <[email protected]>
infonl · Jan 30, 2025 · 2df5d7e · 2df5d7e
1 parent 6c5a3e8
commit 2df5d7e
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 4 deletions.
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -46,7 +46,7 @@ jobs:
         uses: gradle/actions/wrapper-validation@0bdd871935719febd78681f197cd39af5b6e16a6 # v4.2.2
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@dd196fa9ce80b6bacc74ca1c32bd5b0ba22efca7 # v3.28.3
+        uses: github/codeql-action/init@f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4 # v3.28.5
         with:
           languages: ${{ matrix.language }}
 
@@ -55,4 +55,4 @@ jobs:
         run: ./gradlew build -x test
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@dd196fa9ce80b6bacc74ca1c32bd5b0ba22efca7 # v3.28.3
+        uses: github/codeql-action/analyze@f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4 # v3.28.5
diff --git a/.github/workflows/snyk-code-scanning.yml b/.github/workflows/snyk-code-scanning.yml
@@ -32,6 +32,6 @@ jobs:
           args: --severity-threshold=high --sarif-file-output=snyk-gradle.sarif
 
       - name: Upload Snyk Gradle result to GitHub Code Scanning
-        uses: github/codeql-action/upload-sarif@dd196fa9ce80b6bacc74ca1c32bd5b0ba22efca7 # v3.28.3
+        uses: github/codeql-action/upload-sarif@f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4 # v3.28.5
         with:
           sarif_file: snyk-gradle.sarif
diff --git a/.github/workflows/trivy-code-scanning.yml b/.github/workflows/trivy-code-scanning.yml
@@ -41,7 +41,7 @@ jobs:
           severity: 'CRITICAL,HIGH'
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@dd196fa9ce80b6bacc74ca1c32bd5b0ba22efca7 # v3.28.3
+        uses: github/codeql-action/upload-sarif@f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4 # v3.28.5
         if: github.ref == 'refs/heads/main'
         with:
           sarif_file: 'trivy-results.sarif'