fix(deps): update github-actions (#898)

renovate[bot] · web-flow · commit ec78745b7b09 · 2025-06-11T12:48:28.000+02:00
Co-authored-by: renovate[bot] &lt;29139614+renovate[bot]@users.noreply.github.com&gt;
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -52,7 +52,7 @@ jobs:
 
             # Initializes the CodeQL tools for scanning.
             - name: "Initialize CodeQL"
-              uses: "github/codeql-action/init@ff0a06e83cb2de871e5a09832bc6a81e7276941f" # v3.28.18
+              uses: "github/codeql-action/init@fca7ace96b7d713c7035871441bd52efbe39e27e" # v3.28.19
               with:
                   languages: "${{ matrix.language }}"
                   # If you wish to specify custom queries, you can do so here or in a config file.
@@ -62,7 +62,7 @@ jobs:
             # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
             # If this step fails, then you should remove it and run the build manually (see below)
             - name: "Autobuild"
-              uses: "github/codeql-action/autobuild@ff0a06e83cb2de871e5a09832bc6a81e7276941f" # v3.28.18
+              uses: "github/codeql-action/autobuild@fca7ace96b7d713c7035871441bd52efbe39e27e" # v3.28.19
 
             # ℹ️ Command-line programs to run using the OS shell.
             # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -75,6 +75,6 @@ jobs:
             #   ./location_of_script_within_repo/buildscript.sh
 
             - name: "Perform CodeQL Analysis"
-              uses: "github/codeql-action/analyze@ff0a06e83cb2de871e5a09832bc6a81e7276941f" # v3.28.18
+              uses: "github/codeql-action/analyze@fca7ace96b7d713c7035871441bd52efbe39e27e" # v3.28.19
               with:
                   category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -43,7 +43,7 @@ jobs:
                   persist-credentials: false
 
             - name: "Run analysis"
-              uses: "ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186" # v2.4.1
+              uses: "ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde" # v2.4.2
               with:
                   results_file: "results.sarif"
                   results_format: "sarif"
@@ -73,6 +73,6 @@ jobs:
 
             # Upload the results to GitHub's code scanning dashboard.
             - name: "Upload to code-scanning"
-              uses: "github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f" # v3.28.18
+              uses: "github/codeql-action/upload-sarif@fca7ace96b7d713c7035871441bd52efbe39e27e" # v3.28.19
               with:
                   sarif_file: "results.sarif"
