Bump github/codeql-action from 3.28.18 to 3.29.2 (#57)

dependabot[bot] · web-flow · commit 9ed4bb31f0c3 · 2025-07-02T12:10:31.000-07:00
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -1,66 +1,66 @@
-# Copyright (c) Microsoft Corporation.
-# Licensed under the MIT License.
-#
-# http://go.microsoft.com/fwlink/?LinkId=271568
-
-name: "CodeQL"
-
-on:
-  push:
-    branches: "main"
-    paths-ignore:
-      - '*.md'
-      - LICENSE
-      - '.azuredevops/**'
-      - '.nuget/*'
-  pull_request:
-    branches: "main"
-    paths-ignore:
-      - '*.md'
-      - LICENSE
-      - '.azuredevops/**'
-      - '.nuget/*'
-  schedule:
-    - cron: '21 22 * * 6'
-
-permissions:
-  contents: read
-
-jobs:
-  analyze:
-    name: Analyze (C/C++)
-    runs-on: windows-latest
-    timeout-minutes: 360
-    permissions:
-      actions: read  # for github/codeql-action/init to get workflow details
-      contents: read  # for actions/checkout to fetch code
-      security-events: write  # for github/codeql-action/autobuild to send a status report
-      packages: read
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-
-      - name: 'Install Ninja'
-        run: choco install ninja
-
-      - uses: ilammy/msvc-dev-cmd@0b201ec74fa43914dc39ae48a89fd1d8cb592756 # v1.13.0
-
-      - name: Initialize CodeQL
-        uses: github/codeql-action/init@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
-        with:
-          languages: c-cpp
-          build-mode: manual
-
-      - name: 'Configure CMake'
-        working-directory: ${{ github.workspace }}
-        run: cmake --preset=x64-Debug
-
-      - name: 'Build'
-        working-directory: ${{ github.workspace }}
-        run: cmake --build out\build\x64-Debug
-
-      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
-        with:
-          category: "/language:c-cpp"
+# Copyright (c) Microsoft Corporation.
+# Licensed under the MIT License.
+#
+# http://go.microsoft.com/fwlink/?LinkId=271568
+
+name: "CodeQL"
+
+on:
+  push:
+    branches: "main"
+    paths-ignore:
+      - '*.md'
+      - LICENSE
+      - '.azuredevops/**'
+      - '.nuget/*'
+  pull_request:
+    branches: "main"
+    paths-ignore:
+      - '*.md'
+      - LICENSE
+      - '.azuredevops/**'
+      - '.nuget/*'
+  schedule:
+    - cron: '21 22 * * 6'
+
+permissions:
+  contents: read
+
+jobs:
+  analyze:
+    name: Analyze (C/C++)
+    runs-on: windows-latest
+    timeout-minutes: 360
+    permissions:
+      actions: read  # for github/codeql-action/init to get workflow details
+      contents: read  # for actions/checkout to fetch code
+      security-events: write  # for github/codeql-action/autobuild to send a status report
+      packages: read
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+      - name: 'Install Ninja'
+        run: choco install ninja
+
+      - uses: ilammy/msvc-dev-cmd@0b201ec74fa43914dc39ae48a89fd1d8cb592756 # v1.13.0
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2
+        with:
+          languages: c-cpp
+          build-mode: manual
+
+      - name: 'Configure CMake'
+        working-directory: ${{ github.workspace }}
+        run: cmake --preset=x64-Debug
+
+      - name: 'Build'
+        working-directory: ${{ github.workspace }}
+        run: cmake --build out\build\x64-Debug
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2
+        with:
+          category: "/language:c-cpp"
diff --git a/.github/workflows/msvc.yml b/.github/workflows/msvc.yml
@@ -1,62 +1,62 @@
-# Copyright (c) Microsoft Corporation.
-# Licensed under the MIT License.
-#
-# http://go.microsoft.com/fwlink/?LinkId=271568
-
-name: Microsoft C++ Code Analysis
-
-on:
-  push:
-    branches: "main"
-    paths-ignore:
-      - '*.md'
-      - '.azuredevops/**'
-      - LICENSE
-      - '.nuget/*'
-  pull_request:
-    branches: "main"
-    paths-ignore:
-      - '*.md'
-      - '.azuredevops/**'
-      - LICENSE
-      - '.nuget/*'
-  schedule:
-    - cron: '20 21 * * 2'
-
-permissions:
-  contents: read
-
-jobs:
-  analyze:
-    permissions:
-      contents: read
-      security-events: write
-      actions: read
-    name: Analyze
-    runs-on: windows-latest
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-
-      - uses: ilammy/msvc-dev-cmd@0b201ec74fa43914dc39ae48a89fd1d8cb592756 # v1.13.0
-        with:
-          arch: amd64
-
-      - name: Configure CMake
-        working-directory: ${{ github.workspace }}
-        run: cmake -B out -DCMAKE_DISABLE_PRECOMPILE_HEADERS=ON
-
-      - name: Initialize MSVC Code Analysis
-        uses: microsoft/msvc-code-analysis-action@24c285ab36952c9e9182f4b78dfafbac38a7e5ee # v0.1.1
-        id: run-analysis
-        with:
-          cmakeBuildDirectory: ./out
-          buildConfiguration: Debug
-          ruleset: NativeRecommendedRules.ruleset
-
-      # Upload SARIF file to GitHub Code Scanning Alerts
-      - name: Upload SARIF to GitHub
-        uses: github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
-        with:
-          sarif_file: ${{ steps.run-analysis.outputs.sarif }}
+# Copyright (c) Microsoft Corporation.
+# Licensed under the MIT License.
+#
+# http://go.microsoft.com/fwlink/?LinkId=271568
+
+name: Microsoft C++ Code Analysis
+
+on:
+  push:
+    branches: "main"
+    paths-ignore:
+      - '*.md'
+      - '.azuredevops/**'
+      - LICENSE
+      - '.nuget/*'
+  pull_request:
+    branches: "main"
+    paths-ignore:
+      - '*.md'
+      - '.azuredevops/**'
+      - LICENSE
+      - '.nuget/*'
+  schedule:
+    - cron: '20 21 * * 2'
+
+permissions:
+  contents: read
+
+jobs:
+  analyze:
+    permissions:
+      contents: read
+      security-events: write
+      actions: read
+    name: Analyze
+    runs-on: windows-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+      - uses: ilammy/msvc-dev-cmd@0b201ec74fa43914dc39ae48a89fd1d8cb592756 # v1.13.0
+        with:
+          arch: amd64
+
+      - name: Configure CMake
+        working-directory: ${{ github.workspace }}
+        run: cmake -B out -DCMAKE_DISABLE_PRECOMPILE_HEADERS=ON
+
+      - name: Initialize MSVC Code Analysis
+        uses: microsoft/msvc-code-analysis-action@24c285ab36952c9e9182f4b78dfafbac38a7e5ee # v0.1.1
+        id: run-analysis
+        with:
+          cmakeBuildDirectory: ./out
+          buildConfiguration: Debug
+          ruleset: NativeRecommendedRules.ruleset
+
+      # Upload SARIF file to GitHub Code Scanning Alerts
+      - name: Upload SARIF to GitHub
+        uses: github/codeql-action/upload-sarif@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2
+        with:
+          sarif_file: ${{ steps.run-analysis.outputs.sarif }}
