(iceberg) branch main updated: Build: Bump github/codeql-action from 4.35.4 to 4.35.5 (#16554)

Sun, 24 May 2026 10:30:30 -0700 

This is an automated email from the ASF dual-hosted git repository.

huaxingao pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/iceberg.git


The following commit(s) were added to refs/heads/main by this push:
     new 95c86f8862 Build: Bump github/codeql-action from 4.35.4 to 4.35.5 
(#16554)
95c86f8862 is described below

commit 95c86f8862d6d9b5bdcbe0b5cae039258bab1d1c
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Sun May 24 10:29:50 2026 -0700

    Build: Bump github/codeql-action from 4.35.4 to 4.35.5 (#16554)
    
    Bumps [github/codeql-action](https://github.com/github/codeql-action) from 
4.35.4 to 4.35.5.
    - [Release notes](https://github.com/github/codeql-action/releases)
    - 
[Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
    - 
[Commits](https://github.com/github/codeql-action/compare/68bde559dea0fdcac2102bfdf6230c5f70eb485e...9e0d7b8d25671d64c341c19c0152d693099fb5ba)
    
    ---
    updated-dependencies:
    - dependency-name: github/codeql-action
      dependency-version: 4.35.5
      dependency-type: direct:production
      update-type: version-update:semver-patch
    ...
    
    Signed-off-by: dependabot[bot] <[email protected]>
    Co-authored-by: dependabot[bot] 
<49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/codeql.yml   | 4 ++--
 .github/workflows/cve-scan.yml | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 6f25d0c9b7..a811068b13 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -46,11 +46,11 @@ jobs:
         persist-credentials: false
 
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@68bde559dea0fdcac2102bfdf6230c5f70eb485e 
# v4.35.4
+      uses: github/codeql-action/init@9e0d7b8d25671d64c341c19c0152d693099fb5ba 
# v4.35.5
       with:
         languages: actions
 
     - name: Perform CodeQL Analysis
-      uses: 
github/codeql-action/analyze@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4
+      uses: 
github/codeql-action/analyze@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v4.35.5
       with:
         category: "/language:actions"
diff --git a/.github/workflows/cve-scan.yml b/.github/workflows/cve-scan.yml
index 24f2c80015..415b6eb3c7 100644
--- a/.github/workflows/cve-scan.yml
+++ b/.github/workflows/cve-scan.yml
@@ -166,7 +166,7 @@ jobs:
         fi
     - name: Upload Trivy results to GitHub Security tab
       if: always() && github.event_name == 'push'
-      uses: 
github/codeql-action/upload-sarif@68bde559dea0fdcac2102bfdf6230c5f70eb485e # 
v4.35.4
+      uses: 
github/codeql-action/upload-sarif@9e0d7b8d25671d64c341c19c0152d693099fb5ba # 
v4.35.5
       with:
         sarif_file: 'trivy-results.sarif'
         category: ${{ matrix.distribution }}

Reply via email to