From e7dfca937e0fb973d5ee22665a1d0f2ad74828ec Mon Sep 17 00:00:00 2001
From: Mend Renovate <bot@renovateapp.com>
Date: Wed, 12 Jun 2024 06:25:24 +0200
Subject: [PATCH] Update workflows (#2272)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| gaurav-nelson/github-action-markdown-link-check | action | digest |
`0f074c8` -> `7d83e59` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | minor | `v2.24.7` -> `v2.25.8` |
| [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) |
action | patch | `v2.3.1` -> `v2.3.3` |

---

### Release Notes

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v2.25.8`](https://togithub.com/github/codeql-action/compare/v2.25.7...v2.25.8)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.25.7...v2.25.8)

###
[`v2.25.7`](https://togithub.com/github/codeql-action/compare/v2.25.6...v2.25.7)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.25.6...v2.25.7)

###
[`v2.25.6`](https://togithub.com/github/codeql-action/compare/v2.25.5...v2.25.6)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.25.5...v2.25.6)

###
[`v2.25.5`](https://togithub.com/github/codeql-action/compare/v2.25.4...v2.25.5)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.25.4...v2.25.5)

###
[`v2.25.4`](https://togithub.com/github/codeql-action/compare/v2.25.3...v2.25.4)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.25.3...v2.25.4)

###
[`v2.25.3`](https://togithub.com/github/codeql-action/compare/v2.25.2...v2.25.3)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.25.2...v2.25.3)

###
[`v2.25.2`](https://togithub.com/github/codeql-action/compare/v2.25.1...v2.25.2)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.25.1...v2.25.2)

###
[`v2.25.1`](https://togithub.com/github/codeql-action/compare/v2.25.0...v2.25.1)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.25.0...v2.25.1)

###
[`v2.25.0`](https://togithub.com/github/codeql-action/compare/v2.24.10...v2.25.0)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.24.11...v2.25.0)

###
[`v2.24.11`](https://togithub.com/github/codeql-action/compare/v2.24.10...v2.24.11)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.24.10...v2.24.11)

###
[`v2.24.10`](https://togithub.com/github/codeql-action/compare/v2.24.9...v2.24.10)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.24.9...v2.24.10)

###
[`v2.24.9`](https://togithub.com/github/codeql-action/compare/v2.24.8...v2.24.9)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.24.8...v2.24.9)

###
[`v2.24.8`](https://togithub.com/github/codeql-action/compare/v2.24.7...v2.24.8)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.24.7...v2.24.8)

</details>

<details>
<summary>ossf/scorecard-action (ossf/scorecard-action)</summary>

###
[`v2.3.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.3.3)

[Compare
Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3)

> \[!NOTE]\
> There is no v2.3.2 release as a step was skipped in the release
process. This was fixed and re-released under the v2.3.3 tag

#### What's Changed

- :seedling: Bump github.com/ossf/scorecard/v4 (v4.13.1) to
github.com/ossf/scorecard/v5 (v5.0.0-rc1) by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1366](https://togithub.com/ossf/scorecard-action/pull/1366)
- :seedling: Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to
v5.0.0-rc2 by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1374](https://togithub.com/ossf/scorecard-action/pull/1374)
- :seedling: Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to
v5.0.0-rc2.0.20240509182734-7ce860946928 by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1377](https://togithub.com/ossf/scorecard-action/pull/1377)

For a full changelist of what these include, see the
[v5.0.0-rc1](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc1)
and
[v5.0.0-rc2](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc2)
release notes.

##### Documentation

- :book: Move token discussion out of main README. by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1279](https://togithub.com/ossf/scorecard-action/pull/1279)
- :book: link to `ossf/scorecard` workflow instead of maintaining an
example by [@&#8203;spencerschrock](https://togithub.com/spencerschrock)
in
[https://github.com/ossf/scorecard-action/pull/1352](https://togithub.com/ossf/scorecard-action/pull/1352)
- :book: update api links to new scorecard.dev site by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1376](https://togithub.com/ossf/scorecard-action/pull/1376)

**Full Changelog**:
https://github.com/ossf/scorecard-action/compare/v2.3.1...v2.3.3

###
[`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2)

[Compare
Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 6am on wednesday" in timezone
Australia/Sydney, Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/google/osv.dev).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zODguMSIsInVwZGF0ZWRJblZlciI6IjM3LjM5My4wIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==-->
---
 .github/workflows/link-checker-on-push.yml | 2 +-
 .github/workflows/link-checker.yml         | 2 +-
 .github/workflows/scorecards.yml           | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/link-checker-on-push.yml b/.github/workflows/link-checker-on-push.yml
index 1c63468b9c0..e235b6de8c5 100644
--- a/.github/workflows/link-checker-on-push.yml
+++ b/.github/workflows/link-checker-on-push.yml
@@ -9,7 +9,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@master
-    - uses: gaurav-nelson/github-action-markdown-link-check@0f074c8562c5a8fed38282b7c741d1970bb1512d
+    - uses: gaurav-nelson/github-action-markdown-link-check@7d83e59a57f3c201c76eed3d33dff64ec4452d27
       with:
         use-quiet-mode: "yes"
         check-modified-files-only: "yes"
diff --git a/.github/workflows/link-checker.yml b/.github/workflows/link-checker.yml
index 8b56e121b76..32985781bac 100644
--- a/.github/workflows/link-checker.yml
+++ b/.github/workflows/link-checker.yml
@@ -10,7 +10,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@master
-    - uses: gaurav-nelson/github-action-markdown-link-check@0f074c8562c5a8fed38282b7c741d1970bb1512d
+    - uses: gaurav-nelson/github-action-markdown-link-check@7d83e59a57f3c201c76eed3d33dff64ec4452d27
       with:
         use-quiet-mode: "yes"
         
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index 7549be1db5e..46e12646903 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -27,7 +27,7 @@ jobs:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
+        uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3
         with:
           results_file: results.sarif
           results_format: sarif
@@ -50,6 +50,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@e56cfd0877b4826be144d11aa31e6c64a55828e9 # v2.24.7
+        uses: github/codeql-action/upload-sarif@6ac9fc7e8e290bda8fac86290b68e176def71959 # v2.25.8
         with:
           sarif_file: results.sarif