Bump github/codeql-action from 3 to 4

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@v3...v4)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

Author: dependabot[bot]

.github/workflows/docker-image-security-scan.yml

@@ -28,7 +28,7 @@ jobs:
         acs-report-enable: true
         fail-build: true
     - name: Upload Anchore scan SARIF report
-      uses: github/codeql-action/upload-sarif@v3
+      uses: github/codeql-action/upload-sarif@v4
       if: ${{ always() }}
       with:
         sarif_file: ${{ steps.scan.outputs.sarif }}

.github/workflows/security.yml

@@ -27,7 +27,7 @@ jobs:
         with:
           args: '-no-fail -fmt sarif -out results.sarif -tests ./...'
       - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@v4
         with:
           # Path to SARIF file relative to the root of the repository
           sarif_file: results.sarif
@@ -49,6 +49,6 @@ jobs:
     - name: Fix SARIF format
       run: yq --inplace --output-format json '.runs |= map ({"results":[]} + .)' results.sarif
     - name: Upload SARIF file
-      uses: github/codeql-action/upload-sarif@v3
+      uses: github/codeql-action/upload-sarif@v4
       with:
         sarif_file: results.sarif