From 3b710cef0eda5057248d33dbdf4810282228da35 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 7 Oct 2025 16:26:52 +0000 Subject: [PATCH] Update github/codeql-action action to v4 --- .github/workflows/codeql-analysis.yml | 6 +++--- .github/workflows/docker-image.yml | 2 +- .github/workflows/eslint-code-scanning.yml | 2 +- .github/workflows/snyk-code.yml | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 463e5d92..28ac984a 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -70,7 +70,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: languages: ${{ matrix.language }} # yamllint disable rule:line-length @@ -87,7 +87,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v3 + uses: github/codeql-action/autobuild@v4 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -101,6 +101,6 @@ jobs: # yamllint enable rule:line-length - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v4 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index 069e21bd..a307162c 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -189,6 +189,6 @@ jobs: TRIVY_DB_REPOSITORY: ${{ vars.TRIVY_DB_REPOSITORY }} - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@v4 with: sarif_file: 'trivy-results.sarif' diff --git a/.github/workflows/eslint-code-scanning.yml b/.github/workflows/eslint-code-scanning.yml index 3d4e9de8..ef066aa8 100644 --- a/.github/workflows/eslint-code-scanning.yml +++ b/.github/workflows/eslint-code-scanning.yml @@ -69,7 +69,7 @@ jobs: continue-on-error: true - name: Upload analysis results to GitHub - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@v4 with: sarif_file: eslint-results.sarif wait-for-processing: true diff --git a/.github/workflows/snyk-code.yml b/.github/workflows/snyk-code.yml index 041a1c03..12160d92 100644 --- a/.github/workflows/snyk-code.yml +++ b/.github/workflows/snyk-code.yml @@ -28,6 +28,6 @@ jobs: with: args: --sarif-file-output=snyk-code.sarif - name: Upload result to GitHub Code Scanning - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@v4 with: sarif_file: 'snyk-code.sarif'