weizhoublue · dependabot · Dec 8, 2025
diff --git a/.github/workflows/lint-golang.yaml b/.github/workflows/lint-golang.yaml
@@ -70,7 +70,7 @@
          elif ${{ inputs.ref != '' }} ; then
              echo "trigger by workflow_call"
              echo "::set-output name=check::true"
              echo "::set-output name=ref::${{ inputs.ref }}"
          elif ${{ github.event_name == 'workflow_dispatch' }} ; then
              echo "trigger by workflow_dispatch"
              echo "::set-output name=check::true"
@@ -154,11 +154,11 @@
       # https://github.com/github/codeql-action
       # GitHub's industry-leading semantic code analysis engine, CodeQL, against a repository's source code to find security vulnerabilities
       - name: CodeQL Initialize
-        uses: github/codeql-action/init@v2.1.6
+        uses: github/codeql-action/init@v4.31.7
         with:
           languages: go
       - name: CodeQL Analysis
-        uses: github/codeql-action/analyze@v2.1.6
+        uses: github/codeql-action/analyze@v4.31.7
 
       # https://github.com/praetorian-inc/gokart
       # static analysis tool for Go that finds vulnerabilities using the SSA