From 4f5bac934a7f1b750dcb3eb9bd0ff8c7483110f4 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 14 May 2024 03:49:04 +0000
Subject: [PATCH 1/2] Bump github/codeql-action from 3.25.4 to 3.25.5

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.4 to 3.25.5.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v3.25.4...v3.25.5)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/codeql.yml  | 4 ++--
 .github/workflows/semgrep.yml | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index bd0c041..5501420 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -28,8 +28,8 @@ jobs:
         WORKFLOW=$(echo "$WORKFLOW" | cut -d '@' -f 1 | cut -d '/' -f 3-5)
         go run ./cmd/ghasum verify -cache /home/runner/work/_actions -no-evict -offline "$WORKFLOW:$JOB"
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3.25.4
+      uses: github/codeql-action/init@v3.25.5
       with:
         languages: go
     - name: Perform CodeQL analysis
-      uses: github/codeql-action/analyze@v3.25.4
+      uses: github/codeql-action/analyze@v3.25.5
diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
index d7eb21b..7f72f23 100644
--- a/.github/workflows/semgrep.yml
+++ b/.github/workflows/semgrep.yml
@@ -33,7 +33,7 @@ jobs:
       env:
         SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
     - name: Upload Semgrep report to GitHub
-      uses: github/codeql-action/upload-sarif@v3.25.4
+      uses: github/codeql-action/upload-sarif@v3.25.5
       if: ${{ failure() || success() }}
       with:
         sarif_file: semgrep.sarif

From f0fc49de19663c86c93c3d0d29b0f1f86f65df29 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <dependabot[bot]@users.noreply.github.com>
Date: Tue, 14 May 2024 03:49:32 +0000
Subject: [PATCH 2/2] Update ghasum checksums

---
 .github/workflows/gha.sum | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/gha.sum b/.github/workflows/gha.sum
index b1d6dd3..b72b0e7 100755
--- a/.github/workflows/gha.sum
+++ b/.github/workflows/gha.sum
@@ -2,7 +2,7 @@ version 1
 
 actions/checkout@v4.1.2 5uAXl352I8XStCYyGTbGN7KcAaq2TyH8pPYNxivPuJo=
 actions/setup-go@v5.0.1 q8sUwsMBEiWR5uyTQTvyQtNFn3obLEbDMcbC4Qk1JiA=
-github/codeql-action@v3.25.4 IS0jPBoizz231GhtreScmnuGvpNv//SRaBVTxgcSB/E=
+github/codeql-action@v3.25.5 kZ0ixIPxdOS44EBdkP9WwdxPdiJDELmTa859OIK9NU4=
 ncipollo/release-action@v1.14.0 +JAIlT/RB99JgfxlDrAcAdBnaKX4y8hyFWnHc4j7tfM=
 stefanzweifel/git-auto-commit-action@v5.0.0 t2VeG9180CmZ5/cmxvkFkN6iWoWsOjlaJ2V8rp1HDqY=
 tibdex/github-app-token@v2.1.0 ZNSBo6XSE0yxs8IkHEkVtUC9MkEeXTclXpMLl6zAmCs=