Bump github/codeql-action from 3 to 4 (#267)

dependabot[bot] · web-flow · commit dd2b431c1b24 · 2025-11-16T19:32:30.000+01:00
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v3...v4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -51,7 +51,7 @@ jobs:
       with:
         fetch-depth: 0
     - name: 🎰 initialize CodeQL
-      uses: github/codeql-action/init@v3
+      uses: github/codeql-action/init@v4
       with:
         languages: ${{ matrix.language }}
     - name: 🏗️ build
@@ -62,6 +62,6 @@ jobs:
           throw "dotnet build failed with exit code $LastExitCode"
         }
     - name: 🔬 analyze with CodeQL
-      uses: github/codeql-action/analyze@v3
+      uses: github/codeql-action/analyze@v4
       with:
         category: '/language:${{ matrix.language }}'
diff --git a/.github/workflows/qodana.yml b/.github/workflows/qodana.yml
@@ -78,7 +78,7 @@ jobs:
           QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}
           QODANA_ENDPOINT: 'https://qodana.cloud'
       - name: 📊 upload sarif file for GitHub Advanced Security Dashboard
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@v4
         with:
           sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json
         if: ${{ always() }}
diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
@@ -48,7 +48,7 @@ jobs:
         env:
           SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
       - name: 📊 upload sarif file for GitHub Advanced Security Dashboard
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@v4
         with:
           sarif_file: semgrep.sarif
         if: ${{ always() }}
diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml
@@ -68,7 +68,7 @@ jobs:
           args: --all-projects --exclude=Objectivity.AutoFixture.XUnit2.AutoFakeItEasy.Tests,Objectivity.AutoFixture.XUnit2.AutoMoq.Tests,Objectivity.AutoFixture.XUnit2.AutoNSubstitute.Tests,Objectivity.AutoFixture.XUnit2.Core.Tests
           command: monitor
       - name: 📊 upload sarif file for GitHub Advanced Security Dashboard
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@v4
         with:
           sarif_file: snyk
         if: ${{ always() }}
