Bump the github-action-updates group with 2 updates

Bumps the github-action-updates group with 2 updates: [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) and [github/codeql-action](https://github.com/github/codeql-action).


Updates `astral-sh/setup-uv` from 7.1.0 to 7.1.1
- [Release notes](https://github.com/astral-sh/setup-uv/releases)
- [Commits](astral-sh/setup-uv@3259c62...2ddd2b9)

Updates `github/codeql-action` from 4.30.8 to 4.30.9
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@f443b60...16140ae)

---
updated-dependencies:
- dependency-name: astral-sh/setup-uv
  dependency-version: 7.1.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-action-updates
- dependency-name: github/codeql-action
  dependency-version: 4.30.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-action-updates
...

Signed-off-by: dependabot[bot] <support@github.com>

Author: dependabot[bot]

.github/workflows/ci.yml

@@ -38,7 +38,7 @@ jobs:
           python-version: ${{ env.python_version }}
           check-latest: true # 3.13.4 broken
       - name: Install uv
-        uses: astral-sh/setup-uv@3259c6206f993105e3a61b142c2d97bf4b9ef83d # v7.1.0
+        uses: astral-sh/setup-uv@2ddd2b9cb38ad8efd50337e8ab201519a34c9f24 # v7.1.1
         with:
           enable-cache: true
           cache-dependency-glob: ".pre-commit-config.yaml"
@@ -66,7 +66,7 @@ jobs:
         with:
           ref: ${{ github.event.pull_request.head.sha }}
       - name: Install uv
-        uses: astral-sh/setup-uv@3259c6206f993105e3a61b142c2d97bf4b9ef83d # v7.1.0
+        uses: astral-sh/setup-uv@2ddd2b9cb38ad8efd50337e8ab201519a34c9f24 # v7.1.1
         with:
           enable-cache: true
           cache-dependency-glob: "uv.lock"
@@ -107,7 +107,7 @@ jobs:
           python-version: ${{ env.python_version }}
           check-latest: true # 3.13.4 broken
       - name: Install uv
-        uses: astral-sh/setup-uv@3259c6206f993105e3a61b142c2d97bf4b9ef83d # v7.1.0
+        uses: astral-sh/setup-uv@2ddd2b9cb38ad8efd50337e8ab201519a34c9f24 # v7.1.1
         with:
           enable-cache: true
           cache-dependency-glob: "uv.lock"

.github/workflows/codeql.yml

@@ -32,11 +32,11 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@f443b600d91635bebf5b0d9ebc620189c0d6fba5 # v3.29.5
+        uses: github/codeql-action/init@16140ae1a102900babc80a33c44059580f687047 # v3.29.5
         with:
           languages: python
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@f443b600d91635bebf5b0d9ebc620189c0d6fba5 # v3.29.5
+        uses: github/codeql-action/analyze@16140ae1a102900babc80a33c44059580f687047 # v3.29.5
         with:
           category: "/language:python"

.github/workflows/scorecards.yml

@@ -71,6 +71,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@f443b600d91635bebf5b0d9ebc620189c0d6fba5 # v3.29.5
+        uses: github/codeql-action/upload-sarif@16140ae1a102900babc80a33c44059580f687047 # v3.29.5
         with:
           sarif_file: results.sarif