From 4b179ce6512f4f56cc2c517a44181a95710f396b Mon Sep 17 00:00:00 2001 From: nscuro Date: Thu, 16 Jul 2026 18:52:43 +0200 Subject: [PATCH] Bump CodeQL actions to 4.37.0 Also updates the `tag=...` annotation as Dependabot fails to do so on its own. Signed-off-by: nscuro --- .github/workflows/codeql-analysis.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index da3bec86a..92fe8c7b2 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -32,10 +32,10 @@ jobs: if: ${{ github.event_name == 'pull_request' }} # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # tag=v3.29.5 + uses: github/codeql-action/init@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 # tag=v4.37.0 with: languages: java - name: Autobuild - uses: github/codeql-action/autobuild@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # tag=v3.29.5 + uses: github/codeql-action/autobuild@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 # tag=v4.37.0 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # tag=v3.29.5 + uses: github/codeql-action/analyze@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 # tag=v4.37.0