commit 77238bc7bf35489df03bc00ce2b2231a1afe6b06
author dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Thu Oct 20 15:33:36 2022 -0700
committer GitHub <noreply@github.com> Thu Oct 20 15:33:36 2022 -0700
tree f489a7744299669178b75ccdee3567eeed9048ac
parent 01d87b7a802e6ea388a066e773b1af3dace44053

Bump github/codeql-action from 2.1.27 to 2.1.28 (#2228)

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.27 to 2.1.28.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/807578363a7869ca324a79039e6db9c843e0e100...cc7986c02bac29104a72998e67239bb5ee2ee110)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.github/workflows/scorecards-analysis.yml

diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml
index b12b862..ccaf0f6 100644
--- a/.github/workflows/scorecards-analysis.yml
+++ b/.github/workflows/scorecards-analysis.yml
@@ -51,6 +51,6 @@
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@807578363a7869ca324a79039e6db9c843e0e100
+        uses: github/codeql-action/upload-sarif@cc7986c02bac29104a72998e67239bb5ee2ee110
         with:
           sarif_file: results.sarif