build(deps): bump the github-action-updates group across 1 directory with 4 updates (#189)

dependabot[bot] · web-flow · commit 011b92ad39cd · 2025-06-30T12:09:48.000+02:00
Bumps the github-action-updates group with 4 updates in the / directory: [oxsecurity/megalinter](https://github.com/oxsecurity/megalinter), [github/codeql-action](https://github.com/github/codeql-action), [marocchino/sticky-pull-request-comment](https://github.com/marocchino/sticky-pull-request-comment) and [philips-software/sonarqube-issue-conversion](https://github.com/philips-software/sonarqube-issue-conversion). Updates `oxsecurity/megalinter` from 8.7.0 to 8.8.0 - [Release notes](https://github.com/oxsecurity/megalinter/releases) - [Changelog](https://github.com/oxsecurity/megalinter/blob/main/CHANGELOG.md) - [Commits](oxsecurity/megalinter@5a91fb0...e08c2b0) Updates `github/codeql-action` from 3.28.18 to 3.29.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@ff0a06e...ce28f5b) Updates `marocchino/sticky-pull-request-comment` from 2.9.2 to 2.9.3 - [Release notes](https://github.com/marocchino/sticky-pull-request-comment/releases) - [Commits](marocchino/sticky-pull-request-comment@67d0dec...d2ad0de) Updates `philips-software/sonarqube-issue-conversion` from 1.0.1 to 1.1.0 - [Release notes](https://github.com/philips-software/sonarqube-issue-conversion/releases) - [Changelog](https://github.com/philips-software/sonarqube-issue-conversion/blob/main/CHANGELOG.md) - [Commits](philips-software/sonarqube-issue-conversion@574a39d...7a8d605) --- updated-dependencies: - dependency-name: oxsecurity/megalinter dependency-version: 8.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-action-updates - dependency-name: github/codeql-action dependency-version: 3.29.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-action-updates - dependency-name: marocchino/sticky-pull-request-comment dependency-version: 2.9.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-action-updates - dependency-name: philips-software/sonarqube-issue-conversion dependency-version: 1.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-action-updates ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/.github/workflows/linting-formatting.yml b/.github/workflows/linting-formatting.yml
@@ -26,13 +26,13 @@ jobs:
         with:
           fetch-depth: 0
           persist-credentials: false
-      - uses: oxsecurity/megalinter/flavors/c_cpp@5a91fb06c83d0e69fbd23756d47438aa723b4a5a # v8.7.0
+      - uses: oxsecurity/megalinter/flavors/c_cpp@e08c2b05e3dbc40af4c23f41172ef1e068a7d651 # v8.8.0
         env:
           APPLY_FIXES: all
           VALIDATE_ALL_CODEBASE: true
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       - run: git diff
-      - uses: github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
+      - uses: github/codeql-action/upload-sarif@ce28f5bb42b7a9f2c824e633a3f6ee835bab6858 # v3.29.0
         if: ${{ success() || failure() }}
         with:
           sarif_file: megalinter-reports/megalinter-report.sarif
diff --git a/.github/workflows/pr-conventional-title.yml b/.github/workflows/pr-conventional-title.yml
@@ -26,7 +26,7 @@ jobs:
             doesn't start with an uppercase character.
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      - uses: marocchino/sticky-pull-request-comment@67d0dec7b07ed060a405f9b2a64b8ab319fdd7db # v2.9.2
+      - uses: marocchino/sticky-pull-request-comment@d2ad0de260ae8b0235ce059e63f2949ba9e05943 # v2.9.3
         if: always() && steps.pr-title.outputs.error_message != null
         with:
           header: pr-title-lint-error
@@ -40,7 +40,7 @@ jobs:
             ${{ steps.pr-title.outputs.error_message }}
 
       - if: steps.pr-title.outputs.error_message == null
-        uses: marocchino/sticky-pull-request-comment@67d0dec7b07ed060a405f9b2a64b8ab319fdd7db # v2.9.2
+        uses: marocchino/sticky-pull-request-comment@d2ad0de260ae8b0235ce059e63f2949ba9e05943 # v2.9.3
         with:
           header: pr-title-lint-error
           delete: true
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
@@ -31,6 +31,6 @@ jobs:
           results_format: sarif
           repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
           publish_results: true
-      - uses: github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
+      - uses: github/codeql-action/upload-sarif@ce28f5bb42b7a9f2c824e633a3f6ee835bab6858 # v3.29.0
         with:
           sarif_file: scorecards.sarif
diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml
@@ -46,7 +46,7 @@ jobs:
         run: |
           gcovr --sonarqube=coverage.xml --exclude-lines-by-pattern '.*assert\(.*\);|.*really_assert\(.*\);|.*std::abort();' --exclude-unreachable-branches --exclude-throw-branches -j "$(nproc)" --exclude=.*/example/.* --exclude=.*/external/.* --exclude=.*/test/.*
 
-      - uses: philips-software/sonarqube-issue-conversion@574a39dedf13464c712b9d36be4bac33241884d8 # v1.0.1
+      - uses: philips-software/sonarqube-issue-conversion@7a8d60524dafa52eea3439587b310c81b2f2f981 # v1.1.0
         with:
           input: ${{ github.workspace }}/testresults/*.xml
           output: execution.xml
@@ -73,12 +73,12 @@ jobs:
       - uses: hendrikmuhs/ccache-action@63069e3931dedbf3b63792097479563182fe70d1 # v1.2.18
         with:
           key: ${{ github.job }}
-      - uses: github/codeql-action/init@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
+      - uses: github/codeql-action/init@ce28f5bb42b7a9f2c824e633a3f6ee835bab6858 # v3.29.0
         with:
           languages: cpp
       - uses: lukka/run-cmake@af1be47fd7c933593f687731bc6fdbee024d3ff4 # v10.8
         with:
           configurePreset: "Host"
           buildPreset: "Host-Debug"
           configurePresetAdditionalArgs: "['-DCMAKE_C_COMPILER_LAUNCHER=ccache', '-DCMAKE_CXX_COMPILER_LAUNCHER=ccache']"
-      - uses: github/codeql-action/analyze@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
+      - uses: github/codeql-action/analyze@ce28f5bb42b7a9f2c824e633a3f6ee835bab6858 # v3.29.0
