Bump github/codeql-action from 3.28.17 to 3.28.18 in /github/workflows (ChrisCarini/github-repo-files-sync/pull/262); Bump gradle/actions from 4.3.1 to 4.4.0 in /github/workflows (ChrisCarini/github-repo-files-sync/pull/263) (#546)

ChrisCarini · dependabot[bot] · web-flow · commit 78e41797d23a · 2025-05-19T09:00:31.000Z
* Bump github/codeql-action from 3.28.17 to 3.28.18 in /github/workflows (ChrisCarini/github-repo-files-sync#262) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.17 to 3.28.18. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@60168ef...ff0a06e) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 3.28.18 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump gradle/actions from 4.3.1 to 4.4.0 in /github/workflows (ChrisCarini/github-repo-files-sync#263) Bumps [gradle/actions](https://github.com/gradle/actions) from 4.3.1 to 4.4.0. - [Release notes](https://github.com/gradle/actions/releases) - [Commits](gradle/actions@06832c7...8379f6a) --- updated-dependencies: - dependency-name: gradle/actions dependency-version: 4.4.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -38,7 +38,7 @@ jobs:
 
       # Validate wrapper
       - name: Gradle Wrapper Validation
-        uses: gradle/actions/wrapper-validation@06832c7b30a0129d7fb559bcc6e43d26f6374244 # v4.3.1
+        uses: gradle/actions/wrapper-validation@8379f6a1328ee0e06e2bb424dadb7b159856a326 # v4.4.0
 
   # Run verifyPlugin and test Gradle tasks
   test:
diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml
@@ -68,6 +68,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3.28.17
+        uses: github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
         with:
           sarif_file: results.sarif
