From 43c749ac4886eeb07f6affce4a877e1ea4ba19c2 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 18 May 2026 00:12:03 +0000
Subject: [PATCH] chore(deps): bump the dependencies group with 4 updates

Bumps the dependencies group with 4 updates: [github/codeql-action](https://github.com/github/codeql-action), [github-community-projects/contributors](https://github.com/github-community-projects/contributors), [kenyonj/mark-ready-when-ready](https://github.com/kenyonj/mark-ready-when-ready) and [github-community-projects/ospo-reusable-workflows/.github/workflows/release.yaml](https://github.com/github-community-projects/ospo-reusable-workflows).


Updates `github/codeql-action` from 4.35.3 to 4.35.4
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/e46ed2cbd01164d986452f91f178727624ae40d7...68bde559dea0fdcac2102bfdf6230c5f70eb485e)

Updates `github-community-projects/contributors` from 2.0.10 to 2.0.11
- [Release notes](https://github.com/github-community-projects/contributors/releases)
- [Commits](https://github.com/github-community-projects/contributors/compare/1878140f3a38f939c76bcf4af402be1af67b5e94...b859081429c8fa345253bdc53f4ccd94ab43cab7)

Updates `kenyonj/mark-ready-when-ready` from 1.2.0 to 1.3.0
- [Release notes](https://github.com/kenyonj/mark-ready-when-ready/releases)
- [Commits](https://github.com/kenyonj/mark-ready-when-ready/compare/0ef6176fc2ddef5bab6cb4ab9517a37f0c153ba4...164bebf98862a24419165413a00bab80107b25ad)

Updates `github-community-projects/ospo-reusable-workflows/.github/workflows/release.yaml` from 1.0.0 to 1.0.1
- [Release notes](https://github.com/github-community-projects/ospo-reusable-workflows/releases)
- [Changelog](https://github.com/github-community-projects/ospo-reusable-workflows/blob/main/docs/release.md)
- [Commits](https://github.com/github-community-projects/ospo-reusable-workflows/compare/592067a69a43d2285f933753d89a7c9d51b96530...e92cb6053ace495fe40a5f185988557afcdcecbc)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.35.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: github-community-projects/contributors
  dependency-version: 2.0.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: kenyonj/mark-ready-when-ready
  dependency-version: 1.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: github-community-projects/ospo-reusable-workflows/.github/workflows/release.yaml
  dependency-version: 1.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/codeql.yml                | 4 ++--
 .github/workflows/contributors_report.yaml  | 2 +-
 .github/workflows/mark-ready-when-ready.yml | 2 +-
 .github/workflows/release.yml               | 2 +-
 .github/workflows/scorecard.yml             | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 07030e2..1640b75 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -52,7 +52,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3
+        uses: github/codeql-action/init@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -67,6 +67,6 @@ jobs:
       #   ./location_of_script_within_repo/buildscript.sh
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3
+        uses: github/codeql-action/analyze@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4
         with:
           category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/contributors_report.yaml b/.github/workflows/contributors_report.yaml
index 67519d6..0b4865f 100644
--- a/.github/workflows/contributors_report.yaml
+++ b/.github/workflows/contributors_report.yaml
@@ -35,7 +35,7 @@ jobs:
           echo "END_DATE=$end_date" >> "$GITHUB_ENV"
 
       - name: Run contributor action
-        uses: github-community-projects/contributors@1878140f3a38f939c76bcf4af402be1af67b5e94
+        uses: github-community-projects/contributors@b859081429c8fa345253bdc53f4ccd94ab43cab7
         env:
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           START_DATE: ${{ env.START_DATE }}
diff --git a/.github/workflows/mark-ready-when-ready.yml b/.github/workflows/mark-ready-when-ready.yml
index da7a089..653b163 100644
--- a/.github/workflows/mark-ready-when-ready.yml
+++ b/.github/workflows/mark-ready-when-ready.yml
@@ -30,6 +30,6 @@ jobs:
           egress-policy: audit
 
       - name: Mark ready when ready
-        uses: kenyonj/mark-ready-when-ready@0ef6176fc2ddef5bab6cb4ab9517a37f0c153ba4 # main (contents:write fix)
+        uses: kenyonj/mark-ready-when-ready@164bebf98862a24419165413a00bab80107b25ad # main (contents:write fix)
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 6786338..c89ecff 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -16,7 +16,7 @@ jobs:
       id-token: write # Federate for artifact attestation
       attestations: write # Generate build provenance attestations
       discussions: write # Create release announcement discussion
-    uses: github-community-projects/ospo-reusable-workflows/.github/workflows/release.yaml@592067a69a43d2285f933753d89a7c9d51b96530 # v1.0.0
+    uses: github-community-projects/ospo-reusable-workflows/.github/workflows/release.yaml@e92cb6053ace495fe40a5f185988557afcdcecbc # v1.0.1
     with:
       publish: true
       release-config-name: release-drafter.yml
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index c80bb68..4aec4bc 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -49,6 +49,6 @@ jobs:
           path: results.sarif
           retention-days: 5
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@e46ed2cbd01164d986452f91f178727624ae40d7
+        uses: github/codeql-action/upload-sarif@68bde559dea0fdcac2102bfdf6230c5f70eb485e
         with:
           sarif_file: results.sarif