Merge pull request #417 from rubygems/dependabot/github_actions/github/codeql-action-4.31.10

hsbt · web-flow · commit 7f0326a802e3 · 2026-01-19T16:15:50.000+09:00
Bump github/codeql-action from 3.27.4 to 4.31.10
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -57,6 +57,6 @@ jobs:
       # Upload the results to GitHub's code scanning dashboard (optional).
       # Commenting out will disable upload of results to your repo's Code Scanning dashboard
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
+        uses: github/codeql-action/upload-sarif@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10
         with:
           sarif_file: results.sarif
