Update github/codeql-action digest to 2d2f57e

renovate[bot] · web-flow · commit 665dc4df5757 · 2025-09-04T17:05:33.000Z
diff --git a/.github/workflows/snyk-security.yml b/.github/workflows/snyk-security.yml
@@ -94,7 +94,7 @@ jobs:
       
         # Push the Snyk Code results into GitHub Code Scanning tab
       - name: Upload result to GitHub Code Scanning
-        uses: github/codeql-action/upload-sarif@ef36b69c6d7c22bd9d0183f534d82d47639dc745
+        uses: github/codeql-action/upload-sarif@2d2f57ed3a96a5c55ea34a02d2787de24943ebea
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_SECRET_TOKEN }}
         with:
diff --git a/.github/workflows/sonarqube.yml b/.github/workflows/sonarqube.yml
@@ -176,14 +176,14 @@ jobs:
 
       - name: Initialize CodeQL
         if: matrix.tool == 'codeql'
-        uses: github/codeql-action/init@ef36b69c6d7c22bd9d0183f534d82d47639dc745 # Pin to v3 or similar
+        uses: github/codeql-action/init@2d2f57ed3a96a5c55ea34a02d2787de24943ebea # Pin to v3 or similar
         with:
           languages: python
           # Add queries if needed: queries: +security-extended,etc.
 
       - name: Perform CodeQL Analysis
         if: matrix.tool == 'codeql'
-        uses: github/codeql-action/analyze@ef36b69c6d7c22bd9d0183f534d82d47639dc745 # Pin to v3 or similar
+        uses: github/codeql-action/analyze@2d2f57ed3a96a5c55ea34a02d2787de24943ebea # Pin to v3 or similar
         with:
           # Output path is handled by the action, will be in 'codeql_results/python.sarif' typically
           # Let's use the default and find it later
