⬆️(deps): Update github/codeql-action action to v4.31.9 (#1458)

renovate[bot] · web-flow · commit d5501302a891 · 2025-12-17T22:23:29.000Z
Co-authored-by: renovate[bot] &lt;29139614+renovate[bot]@users.noreply.github.com&gt;
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -73,7 +73,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8
+        uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -87,6 +87,6 @@ jobs:
         run: mvn -B  clean package
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8
+        uses: github/codeql-action/analyze@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
         with:
           category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/gha.sum b/.github/workflows/gha.sum
@@ -9,7 +9,7 @@ actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 Cn0rDfuNlsG0naRPXRAU
 actions/setup-java@f2beeb24e141e01a676f977032f5a29d81c9e27e hzGkcTiiDYqECET2xIRbsCTZmPfGNRIS3EA+y6skjew=
 actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f pGNYwgnMwE8lQptaxeFNnwBLuWlkpSuQLb+kTVzspLg=
 chains-project/maven-lockfile@5222660eda041ecb4000581b943a20ba6fcc84d4 URblge0/4o6WvT4VQ70TJnuIbOZIRpml+3CilSJUZQA=
-github/codeql-action@1b168cd39490f61582a9beae412bb7057a6b2c4e LrJq7h5nDzZsGiJ8OBiL2dszMYNX1kqPPNXpenWnY9g=
+github/codeql-action@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 jhRhU4XT+9kwxbzVpVaoEYrk4POgI75xb83NgyRHLFc=
 google/osv-scanner-action@375a0e8ebdc98e99b02ac4338a724f5750f21213 f2mqSqRTRl3eo4gx9rCxay5RVqMDnKc5VphUxkJWhKk=
 jreleaser/release-action@90ac653bb9c79d11179e65d81499f3f34527dcd5 as+c3Rfu/4EhsRhpHf+KRqH0iqq4hW2MiE+5V2R6PDI=
 ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a oHo5wLG0ePY4IIiiNfo0MU1uYrDKDkeV7MpBTJ39dQg=
diff --git a/.github/workflows/osv-scanner-pr.yml b/.github/workflows/osv-scanner-pr.yml
@@ -112,7 +112,7 @@ jobs:
     - name: "Upload to code-scanning"
       id: "upload_artifact"
       if: ${{ !cancelled() }}
-      uses: github/codeql-action/upload-sarif@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8
+      uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
       with:
         sarif_file: results.sarif
 
diff --git a/.github/workflows/osv-scanner-scheduled.yml b/.github/workflows/osv-scanner-scheduled.yml
@@ -73,7 +73,7 @@ jobs:
     # Upload the results to GitHub's code scanning dashboard.
     - name: "Upload to code-scanning"
       if: "${{ !cancelled() && inputs.upload-sarif == true }}"
-      uses: github/codeql-action/upload-sarif@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8
+      uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
       with:
         sarif_file: results.sarif
 
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -86,6 +86,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: Upload to code-scanning
-        uses: github/codeql-action/upload-sarif@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8
+        uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
         with:
           sarif_file: results.sarif
