build: bump github/codeql-action from 3.28.0 to 3.28.1

fork of go-git with some jj specific features

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.0 to 3.28.1.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Commits](https://github.com/github/codeql-action/compare/v3.28.0...v3.28.1)

---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

authored by

dependabot[bot] and committed by

GitHub 1 year ago d6400742 45f90de3

+3 -3

2 changed files

expand all

.github

workflows

cifuzz.yml

codeql.yml

+1 -1

.github/workflows/cifuzz.yml

··· 28 28 path: ./out/artifacts 29 29 - name: Upload Sarif 30 30 if: always() && steps.build.outcome == 'success' 31 - uses: github/codeql-action/upload-sarif@v3.28.0 31 + uses: github/codeql-action/upload-sarif@v3.28.1 32 32 with: 33 33 # Path to SARIF file relative to the root of the repository 34 34 sarif_file: cifuzz-sarif/results.sarif

+2 -2

.github/workflows/codeql.yml

··· 28 28 29 29 # Initializes the CodeQL tools for scanning. 30 30 - name: Initialize CodeQL 31 - uses: github/codeql-action/init@78760076e3f08852c2c3aeb5334f70d074e28c59 # v2.22.11 31 + uses: github/codeql-action/init@1f86f55dce064513e2111b0d4fc7cfb11444c092 # v2.22.11 32 32 with: 33 33 languages: ${{ matrix.language }} 34 34 # xref: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs ··· 39 39 run: go build ./... 40 40 41 41 - name: Perform CodeQL Analysis 42 - uses: github/codeql-action/analyze@78760076e3f08852c2c3aeb5334f70d074e28c59 # v2.22.11 42 + uses: github/codeql-action/analyze@1f86f55dce064513e2111b0d4fc7cfb11444c092 # v2.22.11 43 43 with: 44 44 category: "/language:${{matrix.language}}"

Configure Feed

Configure Feed