From 6280a0cb6b5b1963661942f67c3e817d814f1f1d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 15 Jul 2026 08:45:07 +0000 Subject: [PATCH] ci(deps): bump github/codeql-action/upload-sarif from 4.36.3 to 4.37.0 Bumps [github/codeql-action/upload-sarif](https://github.com/github/codeql-action) from 4.36.3 to 4.37.0. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/54f647b7e1bb85c95cddabcd46b0c578ec92bc1a...99df26d4f13ea111d4ec1a7dddef6063f76b97e9) --- updated-dependencies: - dependency-name: github/codeql-action/upload-sarif dependency-version: 4.37.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/devskim.yml | 2 +- .github/workflows/msdo.yml | 2 +- .github/workflows/scorecards.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/devskim.yml b/.github/workflows/devskim.yml index f4b8a93..b405dcf 100644 --- a/.github/workflows/devskim.yml +++ b/.github/workflows/devskim.yml @@ -37,6 +37,6 @@ jobs: with: should-scan-archives: true - name: Upload DevSkim scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3 + uses: github/codeql-action/upload-sarif@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 # v4.37.0 with: sarif_file: devskim-results.sarif diff --git a/.github/workflows/msdo.yml b/.github/workflows/msdo.yml index f04433d..fc0ac66 100644 --- a/.github/workflows/msdo.yml +++ b/.github/workflows/msdo.yml @@ -34,6 +34,6 @@ jobs: id: scan uses: microsoft/security-devops-action@08976cb623803b1b36d7112d4ff9f59eae704de0 # v1.12.0 - name: Upload MSDO scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3 + uses: github/codeql-action/upload-sarif@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 # v4.37.0 with: sarif_file: ${{ steps.scan.outputs.sarifFile }} diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 2fd7d93..8f10020 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -37,6 +37,6 @@ jobs: results_format: sarif publish_results: true - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3 + uses: github/codeql-action/upload-sarif@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 # v4.37.0 with: sarif_file: scorecards-results.sarif