From afab7c382b6b25d2e55f461e04e64dd3db495c39 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 26 Feb 2025 09:20:37 +0000
Subject: [PATCH] chore: bump github/codeql-action in /actions/build_docker

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.0 to 3.28.10.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/48ab28a6f5dbc2a99bf1e0131198dd8f1df78169...b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 actions/build_docker/action.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/actions/build_docker/action.yml b/actions/build_docker/action.yml
index 51c6f1a..91fdc39 100644
--- a/actions/build_docker/action.yml
+++ b/actions/build_docker/action.yml
@@ -123,7 +123,7 @@ runs:
     - name: Upload Trivy scan results to GitHub Security tab
       # Do not upload SARIF reports on private repos - GitHub Advanced Security is not enabled
       if: ${{ !cancelled() && fromJSON(inputs.scan) && !github.event.repository.private }} # workaround for composite jobs not being able to pass boolean inputs
-      uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 #v3.28.0
+      uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d #v3.28.10
       with:
         sarif_file: "trivy-results.sarif"
         category: trivy