build(deps): bump github/codeql-action from 4.36.2 to 4.36.3#1236
Conversation
Update all `github/codeql-action` sub-actions to v4.36.3: - `codeql-action/init` in codeql.yaml - `codeql-action/upload-sarif` in scorecard.yaml Also configure dependabot to group all `github/codeql-action/*` updates into a single PR to avoid separate PRs for each sub-action. Closes: python-wheel-build#1231 Closes: python-wheel-build#1234 Co-Authored-By: Claude <claude@anthropic.com> Signed-off-by: Christian Heimes <cheimes@redhat.com>
📝 WalkthroughWalkthroughThis PR bumps the pinned commit SHAs for two github/codeql-action steps (init in the CodeQL workflow, upload-sarif in the Scorecard workflow) from v4.36.2 to v4.36.3, and adds a Dependabot Estimated code review effort: 1 (Trivial) | ~3 minutes Changes
Related issues: Suggested labels: dependencies, github_actions Suggested reviewers: none identified from the provided context 🐰 A rabbit's rhymeTwo little SHAs hopped up a notch, 🚥 Pre-merge checks | ✅ 4✅ Passed checks (4 passed)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
Tick the box to add this pull request to the merge queue (same as
|
Pull Request Description
What
Update all
github/codeql-actionsub-actions to v4.36.3:codeql-action/initin codeql.yamlcodeql-action/upload-sarifin scorecard.yamlAlso configure dependabot to group all
github/codeql-action/*updates into a single PR to avoid separate PRs for each sub-action.Why
Closes: #1231
Closes: #1234