chore(deps): bump the dependencies group with 3 updates

Bumps the dependencies group with 3 updates: [actions/setup-python](https://github.com/actions/setup-python), [actions/create-github-app-token](https://github.com/actions/create-github-app-token) and [github/codeql-action](https://github.com/github/codeql-action). Updates `actions/setup-python` from 5.4.0 to 5.5.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](42375524e2...8d9ed9ac5c) Updates `actions/create-github-app-token` from 1.11.7 to 1.12.0 - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](af35edadc0...d72941d797) Updates `github/codeql-action` from 3.28.12 to 3.28.13 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](5f8171a638...1b549b9259) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: actions/create-github-app-token dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
2025-03-29 09:11:08 +00:00 · 2025-03-29 09:11:08 +00:00 · a8556d6c81
parent c50e74273d
commit a8556d6c81
3 changed files with 3 additions and 3 deletions
--- a/.github/workflows/lint-and-test.yml
+++ b/.github/workflows/lint-and-test.yml
@ -32,7 +32,7 @@ jobs:
          version: v3.10.1 # Also update in publish.yaml

      - name: Set up python
-        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
+        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
        with:
          python-version: 3.9

--- a/.github/workflows/renovate.yaml
+++ b/.github/workflows/renovate.yaml
@ -16,7 +16,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Get token
-        uses: actions/create-github-app-token@af35edadc00be37caa72ed9f3e6d5f7801bfdf09 # v1.11.7
+        uses: actions/create-github-app-token@d72941d797fd3113feb6b93fd0dec494b13a2547 # v1.12.0
        id: get_token
        with:
          app-id: ${{ vars.RENOVATE_APP_ID }}
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@ -68,6 +68,6 @@ jobs:

      # Upload the results to GitHub's code scanning dashboard.
      - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@5f8171a638ada777af81d42b55959a643bb29017 # v3.28.12
+        uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
        with:
          sarif_file: results.sarif