diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 0c7bd35e01..64666683fa 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -74,3 +74,7 @@ updates: commit-message: prefix: "CI: " include: "scope" + groups: + codeql: + patterns: + - "github/codeql-action/*" diff --git a/.github/workflows/code-analysis.yml b/.github/workflows/code-analysis.yml index a81cd8c737..ba65621e21 100644 --- a/.github/workflows/code-analysis.yml +++ b/.github/workflows/code-analysis.yml @@ -33,9 +33,9 @@ jobs: persist-credentials: false - name: Initialize CodeQL - uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 + uses: github/codeql-action/init@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3 with: config-file: ./.github/codeql/codeql-config.yml - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 + uses: github/codeql-action/analyze@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3