From f8fd2a5e1d9aae284f2f79902ba790ac82c2f13c Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 2 Dec 2025 12:44:46 +0000
Subject: [PATCH 1/2] Initial plan


From bd3949c2b7fac0753b2224070a2db42b0a8db0ab Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 2 Dec 2025 12:47:42 +0000
Subject: [PATCH 2/2] Update version tag comments for codeql-action to v4.31.6

Co-authored-by: PatKamin <35933418+PatKamin@users.noreply.github.com>
---
 .github/workflows/reusable_codeql.yml | 4 ++--
 .github/workflows/reusable_trivy.yml  | 2 +-
 .github/workflows/scorecard.yml       | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/reusable_codeql.yml b/.github/workflows/reusable_codeql.yml
index 9d9250f44..f2148d1cd 100644
--- a/.github/workflows/reusable_codeql.yml
+++ b/.github/workflows/reusable_codeql.yml
@@ -41,7 +41,7 @@ jobs:
         python-version: "3.10"
 
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@fe4161a26a8629af62121b670040955b330f9af2 # v3.29.5
+      uses: github/codeql-action/init@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
       with:
         languages: cpp
         trap-caching: false
@@ -108,7 +108,7 @@ jobs:
       run: cmake --build ${{env.BUILD_DIR}} --config Release -j
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@fe4161a26a8629af62121b670040955b330f9af2 # v3.29.5
+      uses: github/codeql-action/analyze@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
 
     - name: "[Win] Prepare vcpkg cache"
       if: matrix.os == 'windows-latest' && steps.cache.outputs.cache-hit != 'true'
diff --git a/.github/workflows/reusable_trivy.yml b/.github/workflows/reusable_trivy.yml
index 872b29d32..9d39cdaa4 100644
--- a/.github/workflows/reusable_trivy.yml
+++ b/.github/workflows/reusable_trivy.yml
@@ -38,6 +38,6 @@ jobs:
           cat trivy-results.sarif
 
       - name: Upload results
-        uses: github/codeql-action/upload-sarif@fe4161a26a8629af62121b670040955b330f9af2 # v3.29.5
+        uses: github/codeql-action/upload-sarif@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
         with:
           sarif_file: 'trivy-results.sarif'
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 654df89f3..168f74805 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -49,6 +49,6 @@ jobs:
 
     # Upload the results to GitHub's code scanning dashboard.
     - name: Upload to code-scanning
-      uses: github/codeql-action/upload-sarif@fe4161a26a8629af62121b670040955b330f9af2 # v3.29.5
+      uses: github/codeql-action/upload-sarif@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
       with:
         sarif_file: scorecard_results.sarif