Merge pull request #45 from raft-tech/dependabot/github_actions/githu…

…b/codeql-action-3.27.9

Bump github/codeql-action from 3.26.6 to 3.27.9

.github/workflows/build.yml

@@ -68,6 +68,6 @@ jobs:
           severity: 'MEDIUM,HIGH,CRITICAL'
           vuln-type: 'os,library'
       - name: Upload scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
+        uses: github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9
         with:
           sarif_file: 'trivy-results.sarif'

.github/workflows/scorecard.yml

@@ -40,6 +40,6 @@ jobs:
           publish_results: true
 
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
+        uses: github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9
         with:
           sarif_file: results.sarif