Bump the actions group with 2 updates (#12777)

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-03 04:09:16 -08:00 · 2025-02-03 04:09:16 -08:00 · 9b1866a3f7
commit 9b1866a3f7
parent 413f057c2c
4 changed files with 4 additions and 4 deletions
--- a/.github/workflows/chart.yaml
+++ b/.github/workflows/chart.yaml
@ -23,7 +23,7 @@ jobs:

    steps:
      - name: Set up Python
-        uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
+        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
        with:
          python-version: 3.x

--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@ -218,7 +218,7 @@ jobs:

    steps:
      - name: Set up Python
-        uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
+        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
        with:
          python-version: 3.x

--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@ -59,6 +59,6 @@ jobs:

      # Upload the results to GitHub's code scanning dashboard.
      - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4 # v3.28.5
+        uses: github/codeql-action/upload-sarif@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8
        with:
          sarif_file: results.sarif
--- a/.github/workflows/vulnerability-scans.yaml
+++ b/.github/workflows/vulnerability-scans.yaml
@ -75,7 +75,7 @@ jobs:

      # This step checks out a copy of your repository.
      - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4 # v3.28.5
+        uses: github/codeql-action/upload-sarif@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8
        with:
          token: ${{ github.token }}
          # Path to SARIF file relative to the root of the repository