From 178a7fb983c22a734f388a5b12cc8745037dd8da Mon Sep 17 00:00:00 2001
From: Angular Robot <angular-robot@google.com>
Date: Fri, 26 Sep 2025 17:36:12 +0000
Subject: [PATCH] build: update all github actions

See associated pull request for more information.
---
 .github/workflows/codeql.yml               | 4 ++--
 .github/workflows/scorecard.yml            | 2 +-
 github-actions/linting/licenses/action.yml | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 807e28c36..80d77ebd7 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -27,10 +27,10 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@303c0aef88fc2fe5ff6d63d3b1596bfd83dfa1f9 # v3.30.4
+        uses: github/codeql-action/init@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5
         with:
           languages: ${{ matrix.language }}
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@303c0aef88fc2fe5ff6d63d3b1596bfd83dfa1f9 # v3.30.4
+        uses: github/codeql-action/analyze@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5
         with:
           category: '/language:${{matrix.language}}'
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 8f7bd270e..39cdaa5be 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -45,6 +45,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: 'Upload to code-scanning'
-        uses: github/codeql-action/upload-sarif@303c0aef88fc2fe5ff6d63d3b1596bfd83dfa1f9 # v3.30.4
+        uses: github/codeql-action/upload-sarif@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5
         with:
           sarif_file: results.sarif
diff --git a/github-actions/linting/licenses/action.yml b/github-actions/linting/licenses/action.yml
index c7e3fe9d5..0fb439d1b 100644
--- a/github-actions/linting/licenses/action.yml
+++ b/github-actions/linting/licenses/action.yml
@@ -11,7 +11,7 @@ runs:
   using: composite
   steps:
     - name: Check Package Licenses
-      uses: actions/dependency-review-action@595b5aeba73380359d98a5e087f648dbb0edce1b # v4.7.3
+      uses: actions/dependency-review-action@56339e523c0409420f6c2c9a2f4292bbb3c07dd3 # v4.8.0
       env:
         # The action ref here allows us to import the config file from the same sha we rely on in the downstream usage
         ACTION_REF: ${{ github.action_ref || 'main' }}