Update github actions

renovate[bot] · web-flow · commit 3634c894e3b9 · 2025-10-15T15:09:34.000Z
| datasource  | package                          | from    | to      |
| ----------- | -------------------------------- | ------- | ------- |
| github-tags | actions/dependency-review-action | v4.8.0  | v4.8.1  |
| github-tags | github/codeql-action             | v3.30.7 | v3.30.8 |
| github-tags | reviewdog/action-actionlint      | v1.67.0 | v1.68.0 |


Signed-off-by: renovate[bot] &lt;29139614+renovate[bot]@users.noreply.github.com&gt;
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -24,7 +24,7 @@ jobs:
         uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: "Dependency Review"
-        uses: actions/dependency-review-action@56339e523c0409420f6c2c9a2f4292bbb3c07dd3 # v4.8.0
+        uses: actions/dependency-review-action@40c09b7dc99638e5ddb0bfd91c1673effc064d8a # v4.8.1
         with:
           config-file: "nginx/k8s-common/dependency-review-config.yml@main"
           base-ref: ${{ github.event.pull_request.base.sha || github.event.repository.default_branch }}
diff --git a/.github/workflows/image-promotion.yml b/.github/workflows/image-promotion.yml
@@ -141,7 +141,7 @@ jobs:
           fi
 
       - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@a8d1ac45b9a34d11fe398d5503176af0d06b303e # v3.30.7
+        uses: github/codeql-action/upload-sarif@755f44910c12a3d7ca0d8c6e42c048b3362f7cec # v3.30.8
         if: steps.check-sarif.outputs.sarif_has_results == 'true'
         with:
           sarif_file: govulncheck.sarif
@@ -363,7 +363,7 @@ jobs:
          overwrite: true
 
      - name: Upload Scan results to GitHub Security tab
-       uses: github/codeql-action/upload-sarif@a8d1ac45b9a34d11fe398d5503176af0d06b303e # v3.30.7
+       uses: github/codeql-action/upload-sarif@755f44910c12a3d7ca0d8c6e42c048b3362f7cec # v3.30.8
        with:
          sarif_file: "${{ steps.directory.outputs.directory }}/"
 
@@ -443,7 +443,7 @@ jobs:
          overwrite: true
 
      - name: Upload Scan results to GitHub Security tab
-       uses: github/codeql-action/upload-sarif@a8d1ac45b9a34d11fe398d5503176af0d06b303e # v3.30.7
+       uses: github/codeql-action/upload-sarif@755f44910c12a3d7ca0d8c6e42c048b3362f7cec # v3.30.8
        with:
          sarif_file: "${{ steps.directory.outputs.directory }}/"
 
@@ -530,7 +530,7 @@ jobs:
          overwrite: true
 
      - name: Upload Scan results to GitHub Security tab
-       uses: github/codeql-action/upload-sarif@a8d1ac45b9a34d11fe398d5503176af0d06b303e # v3.30.7
+       uses: github/codeql-action/upload-sarif@755f44910c12a3d7ca0d8c6e42c048b3362f7cec # v3.30.8
        with:
          sarif_file: "${{ steps.directory.outputs.directory }}/"
        continue-on-error: true
diff --git a/.github/workflows/lint-format.yml b/.github/workflows/lint-format.yml
@@ -63,7 +63,7 @@ jobs:
       - name: Checkout Repository
         uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
-      - uses: reviewdog/action-actionlint@95395aac8c053577d0bc67eb7b74936c660c6f66 # v1.67.0
+      - uses: reviewdog/action-actionlint@f00ad0691526c10be4021a91b2510f0a769b14d0 # v1.68.0
         with:
           actionlint_flags: -shellcheck ""
 
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -57,6 +57,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@a8d1ac45b9a34d11fe398d5503176af0d06b303e # v3.30.7
+        uses: github/codeql-action/upload-sarif@755f44910c12a3d7ca0d8c6e42c048b3362f7cec # v3.30.8
         with:
           sarif_file: results.sarif
