Bump actions/upload-artifact from 4.4.3 to 4.5.0

dependabot[bot] · athomas · commit d3818ff31e1e · 2025-01-07T00:47:15.000-08:00
Closes #59795 GitOrigin-RevId: f366a75 Change-Id: I171883e8802d10a8f18ca2ea0d4d6d59e4b85196 Reviewed-on: https://dart-review.googlesource.com/c/sdk/+/402261 Reviewed-by: Alexander Thomas <athom@google.com>
diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml
@@ -44,7 +44,7 @@ jobs:
 
       # Upload the results as artifacts (optional).
       - name: "Upload artifact"
-        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
+        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b
         with:
           name: SARIF file
           path: results.sarif
diff --git a/.github/workflows/third-party-deps-scan.yml b/.github/workflows/third-party-deps-scan.yml
@@ -32,7 +32,7 @@ jobs:
       - name: "extract deps, find commit hash, pass to osv-scanner"
         run: python .github/extract_deps.py --output osv-lockfile-${{github.sha}}.json
       - name: "upload osv-scanner deps"
-        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
+        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b
         with:
           # use github.ref in name to avoid duplicated artifacts
           name: osv-lockfile-${{github.sha}}
