fix(deps): update github-actions (#164)

renovate[bot] · prisis · web-flow · commit 2cdb74597ad8 · 2025-06-16T16:47:58.000+02:00
Co-authored-by: renovate[bot] &lt;29139614+renovate[bot]@users.noreply.github.com&gt;
Co-authored-by: Daniel Bannert &lt;prisis@users.noreply.github.com&gt;
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -52,7 +52,7 @@ jobs:
 
             # Initializes the CodeQL tools for scanning.
             - name: "Initialize CodeQL"
-              uses: "github/codeql-action/init@60168efe1c415ce0f5521ea06d5c2062adbeed1b" # v3.28.17
+              uses: "github/codeql-action/init@fca7ace96b7d713c7035871441bd52efbe39e27e" # v3.28.19
               with:
                   languages: "${{ matrix.language }}"
                   # If you wish to specify custom queries, you can do so here or in a config file.
@@ -62,7 +62,7 @@ jobs:
             # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
             # If this step fails, then you should remove it and run the build manually (see below)
             - name: "Autobuild"
-              uses: "github/codeql-action/autobuild@60168efe1c415ce0f5521ea06d5c2062adbeed1b" # v3.28.17
+              uses: "github/codeql-action/autobuild@fca7ace96b7d713c7035871441bd52efbe39e27e" # v3.28.19
 
             # ℹ️ Command-line programs to run using the OS shell.
             # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -75,6 +75,6 @@ jobs:
             #   ./location_of_script_within_repo/buildscript.sh
 
             - name: "Perform CodeQL Analysis"
-              uses: "github/codeql-action/analyze@60168efe1c415ce0f5521ea06d5c2062adbeed1b" # v3.28.17
+              uses: "github/codeql-action/analyze@fca7ace96b7d713c7035871441bd52efbe39e27e" # v3.28.19
               with:
                   category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -33,4 +33,4 @@ jobs:
                   EMAIL: "github-actions[bot]@users.noreply.github.com"
 
             - name: "Dependency Review"
-              uses: "actions/dependency-review-action@ce3cf9537a52e8119d91fd484ab5b8a807627bf8" # v4.6.0
+              uses: "actions/dependency-review-action@da24556b548a50705dd671f47852072ea4c105d9" # v4.7.1
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -43,7 +43,7 @@ jobs:
                   persist-credentials: false
 
             - name: "Run analysis"
-              uses: "ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186" # v2.4.1
+              uses: "ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde" # v2.4.2
               with:
                   results_file: "results.sarif"
                   results_format: "sarif"
@@ -73,6 +73,6 @@ jobs:
 
             # Upload the results to GitHub's code scanning dashboard.
             - name: "Upload to code-scanning"
-              uses: "github/codeql-action/upload-sarif@60168efe1c415ce0f5521ea06d5c2062adbeed1b" # v3.28.17
+              uses: "github/codeql-action/upload-sarif@fca7ace96b7d713c7035871441bd52efbe39e27e" # v3.28.19
               with:
                   sarif_file: "results.sarif"
