This is an automated email from the ASF dual-hosted git repository.
ggregory pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-compress.git
The following commit(s) were added to refs/heads/master by this push:
new 835fbb1fc Bump github/codeql-action from 4.31.4 to 4.31.5
835fbb1fc is described below
commit 835fbb1fc61c2fc804022308e230e27e34b10e47
Author: Gary Gregory <[email protected]>
AuthorDate: Fri Nov 28 21:41:29 2025 +0000
Bump github/codeql-action from 4.31.4 to 4.31.5
---
.github/workflows/codeql-analysis.yml | 2 +-
.github/workflows/scorecards-analysis.yml | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/codeql-analysis.yml
b/.github/workflows/codeql-analysis.yml
index 64742afcc..1f7bdc41f 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -91,4 +91,4 @@ jobs:
mvn clean package -ntp -f "pom.xml" -B -V -e -Dfindbugs.skip
-Dcheckstyle.skip -Dpmd.skip=true -Dspotbugs.skip -Denforcer.skip
-Dmaven.javadoc.skip -DskipTests -Dmaven.test.skip.exec -Dlicense.skip=true
-Drat.skip=true -Dspotless.check.skip=true
- name: Perform CodeQL Analysis
- uses:
github/codeql-action/analyze@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # 4.31.4
+ uses:
github/codeql-action/analyze@fdbfb4d2750291e159f0156def62b853c2798ca2 # 4.31.5
diff --git a/.github/workflows/scorecards-analysis.yml
b/.github/workflows/scorecards-analysis.yml
index 1df72e5ab..c32feed9c 100644
--- a/.github/workflows/scorecards-analysis.yml
+++ b/.github/workflows/scorecards-analysis.yml
@@ -64,6 +64,6 @@ jobs:
retention-days: 5
- name: "Upload to code-scanning"
- uses:
github/codeql-action/upload-sarif@e12f0178983d466f2f6028f5cc7a6d786fd97f4b #
4.31.4
+ uses:
github/codeql-action/upload-sarif@fdbfb4d2750291e159f0156def62b853c2798ca2 #
4.31.5
with:
sarif_file: results.sarif
