From d201c6c08e865d3464169424566f5119d8136c0a Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 7 Aug 2024 03:35:27 +0000
Subject: [PATCH] Bump actions/upload-artifact from 4.3.5 to 4.3.6

Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.5 to 4.3.6.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v4.3.5...v4.3.6)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/scorecards.yml | 2 +-
 action.yml                       | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index 61a0f92..53bd9e1 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -63,7 +63,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5
+        uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
         with:
           name: SARIF file
           path: results.sarif
diff --git a/action.yml b/action.yml
index 6dee4c9..ea43da3 100644
--- a/action.yml
+++ b/action.yml
@@ -42,7 +42,7 @@ runs:
     run: echo "tag=$(git describe --tags --abbrev=0)" >> $GITHUB_OUTPUT
     shell: bash
 
-  - uses: actions/upload-artifact@v4.3.5
+  - uses: actions/upload-artifact@v4.3.6
     if: steps.release.outputs.released == 'true' || steps.draft.outputs.created == 'true'
     with:
       name: 'security2'