chore(deps): bump github/codeql-action from 4.32.5 to 4.34.1 (#265)

dependabot[bot] · web-flow · commit 6c9932352ec4 · 2026-03-25T19:56:53.000Z
diff --git a/.github/workflows/charts.yml b/.github/workflows/charts.yml
@@ -78,10 +78,10 @@ jobs:
         env:
           CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@c793b717bc78562f491db7b0e93a3a178b099162 #v3.29.5
+        uses: github/codeql-action/init@38697555549f1db7851b81482ff19f1fa5c4fedc #v3.29.5
         continue-on-error: true
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@c793b717bc78562f491db7b0e93a3a178b099162 #v3.29.5
+        uses: github/codeql-action/analyze@38697555549f1db7851b81482ff19f1fa5c4fedc #v3.29.5
         continue-on-error: true
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@master
@@ -92,7 +92,7 @@ jobs:
           format: 'sarif'
           output: 'trivy-results.sarif'
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@c793b717bc78562f491db7b0e93a3a178b099162 #v3.29.5
+        uses: github/codeql-action/upload-sarif@38697555549f1db7851b81482ff19f1fa5c4fedc #v3.29.5
         with:
           sarif_file: 'trivy-results.sarif'
 
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -31,6 +31,6 @@ jobs:
           path: results.sarif
           retention-days: 5
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@c793b717bc78562f491db7b0e93a3a178b099162 # v3.29.5
+        uses: github/codeql-action/upload-sarif@38697555549f1db7851b81482ff19f1fa5c4fedc # v3.29.5
         with:
           sarif_file: results.sarif
